@GossiTheDog@cyberplace.social I wonder across the industry how common is it for orgs to skip static code analysis, or other code vulnerability scans as part of their pipelines? Even then how many of those scans are actually effective?
Looks like AI is potentially an insider threat, and code generated by it has to be treated accordingly, even in the case of it being generated by project members and "reviewed"
rachel@transitory.social
Posts
Today in InfoSec Job Security News:
who's ready for slack gaming: @puppygirlhornypost2@transfem.social is it even worth considering a discord replacement that lacks FedRAMP compliance?
Is Matrix E2EE even FIPS compliant? SMH.
who's ready for slack gaming: @puppygirlhornypost2@transfem.social gotta have that for regulatory compliance
ADHD packing list: @adhdjesse@mastodon.social usb-c charging for laptops has been a godsend tbh, I have forgotten my work laptop cable before......