frontpage.

What's your company's standard approach to developer workstations?

6•skilning•8mo ago

The short version of this question is: How does your company apply company-wide security monitoring and enforcement to Developer and DevOps machines? What exceptions are made, if any, to the workstations used by your technical power-users such as development leads and devops engineers? Does your CISO office enforce the same babysitting software -- endpoint monitoring, aggressively active threat scanning of all accessed files, etc. -- on these workstation as on the rank-and-file business employees, or are there common-sense exceptions made to accommodate the different, more i/o and CPU intensive workloads run by the technical staff?

For some background, my company has recently undertaken a growth initiative, and in the process our director of infrastructure has started applying all sorts of "best-practices" to corporate security policy indiscriminately to all machines on the domain. This has followed short on the heels of requiring our very small team of developers (five when I started, now even less) to stop using MacBooks for our development and to move to Microsoft Surface Laptops because "infrastructure can't manage multiple types of machines", despite the fact that we develop for cloud systems that run on Linux.

Needless to say, the indiscriminate application of mounds of third-party security services on top of moving us to an already less-powerful machine is impacting productivity in random and unpredictable ways. The director in question is not overly technical, and was last in the trenches around the time Windows NT was coming out, so the arguments my team are making for exceptions to some of these (in our perspective) arbitrary rules are falling on deaf ears.

I've been in the game for over 25 years, and this is the first time I've run across a director so completely brainwashed by cybersecurity marketing that he doesn't realize there's a difference between putting up baby gates for the toddlers and telling the adults they're not allowed to walk down a set of stairs by themselves, so I'm looking for some perspective on current industry practices as the HN crowd has seen it.

FDA Intends to Take Action Against Non-FDA-Approved GLP-1 Drugs

Supernote e-ink devices for writing like paper

We are QA Engineers now

Show HN: Measuring how AI agent teams improve issue resolution on SWE-Verified

Adversarial Reasoning: Multiagent World Models for Closing the Simulation Gap

Show HN: Poddley.com – Follow people, not podcasts

Layoffs Surge 118% in January – The Highest Since 2009

Papyrus 114: Homer's Iliad

DicePit – Real-time multiplayer Knucklebones in the browser

Turn-Based Structural Triggers: Prompt-Free Backdoors in Multi-Turn LLMs

Show HN: AI Agent Tool That Keeps You in the Loop

Why Every R Package Wrapping External Tools Needs a Sitrep() Function

Achieving Ultra-Fast AI Chat Widgets

Show HN: Runtime Fence – Kill switch for AI agents

Researchers surprised by the brain benefits of cannabis usage in adults over 40

Peter Thiel warns the Antichrist, apocalypse linked to the 'end of modernity'

USS Preble Used Helios Laser to Zap Four Drones in Expanding Testing

Show HN: Animated beach scene, made with CSS

An update on unredacting select Epstein files – DBC12.pdf liberated

Was going to share my work

Pitchfork: A devilishly good process manager for developers

You Are Here

Why social apps need to become proactive, not reactive

How patient are AI scrapers, anyway? – Random Thoughts

Vouch: A contributor trust management system

I built a terminal monitoring app and custom firmware for a clock with Claude

Tiny C Compiler

Y Combinator Founder Organizes 'March for Billionaires'

Ask HN: Need feedback on the idea I'm working on

OpenClaw Addresses Security Risks