Merge pull request #793 from wilfriedago/main
Correct typos in documentation files
This commit is contained in:
commit
280eaa1dff
@ -14,7 +14,7 @@ Those will be changes, updates, or modifications to the direction of the company
|
||||
|
||||
Alma Security was started by Chris Meyers, who was previously at Sigma Systems as CTO and HPE as a senior security engineer.
|
||||
|
||||
He started the company becuase, "I saw a gap in the authentication market, where companies were only looking at one or two aspects of one's identity to do authentication. They we're looking at the whole picture and turning that into a continuous authentication story."
|
||||
He started the company because, "I saw a gap in the authentication market, where companies were only looking at one or two aspects of one's identity to do authentication. They we're looking at the whole picture and turning that into a continuous authentication story."
|
||||
|
||||
## Company Mission
|
||||
|
||||
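Review bot: The corrected founder quote still reads "They we're looking at the whole picture", which does not parse and contradicts the preceding clause about other companies looking at only one or two aspects. If the intended wording is "We're looking at the whole picture", fix it in this same line so the quote is not left half-corrected.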
@ -51,12 +51,12 @@ NOTE: Some goals are things like project rollouts which serve the higher goals.
|
||||
|
||||
## Security Team Goals
|
||||
|
||||
- SG1: Secure all customer data -- especially biometric -- from security and privacy incidents.
|
||||
- SG2: Protect Alma Security's intellectual property from being captured by unathorized parties.
|
||||
- SG1: Secure all customer data -- especially biometric -- from security and privacy incidents.
|
||||
- SG2: Protect Alma Security's intellectual property from being captured by unauthorized parties.
|
||||
- SG3: Reach a time to detect malicious behavior of less than 4 minutes by January 2025
|
||||
- SG4: Ensure the public trusts our product, because it's an authentication product we can't survive if people don't trust us.
|
||||
- SG5: Reach a time to remediate critical vulnerabilties on crown jewel systems of less than 16 hours by August 2025
|
||||
- SG6: Reach a time to remediate critical vulnerabilties on all systems of less than 3 days by August 2025
|
||||
- SG5: Reach a time to remediate critical vulnerabilities on crown jewel systems of less than 16 hours by August 2025
|
||||
- SG6: Reach a time to remediate critical vulnerabilities on all systems of less than 3 days by August 2025
|
||||
- SG7: Complete audit of Apple Passkey integration by February 2025
|
||||
- SG8: Complete remediation of Apple Passkey vulns by February 2025
|
||||
|
||||
@ -129,7 +129,7 @@ $INSERT GRAPHS OF KPI PROGRESS OVER TIME HERE$
|
||||
|
||||
## Infrastructure Notes (a basic description of our tech stack and various context around it)
|
||||
|
||||
- We currenty have no WAF protecting our main web app but we're considering adding one
|
||||
- We currently have no WAF protecting our main web app but we're considering adding one
|
||||
- We have had some issues with S3 buckets becoming public, or being set up as public, which has lead to some close calls with customer data almost being exposed.
|
||||
- alma.amazon-domain.com is our primary S3 bucket that contains everything, but it's not public readable or listable
|
||||
- We have a root account for our AWS account that doesn't yet have 2FA on it, but we're working on fixing that within a few weeks (but it's been open for a few months)
|
||||
|
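Review bot: The S3 bullet two lines below the corrected WAF line still says "which has lead to some close calls"; the past participle is "led". It sits in the context of this hunk, so it is cheap to fix in the same pass.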
@ -13,9 +13,9 @@
|
||||
- Identify the field of technology that the patent is concerned with and output it into a section called FIELD.
|
||||
- Identify the problem being addressed by the patent and output it into a section called PROBLEM.
|
||||
- Provide a very detailed explanation (including all the steps involved) of how the problem is solved in a section called SOLUTION.
|
||||
- Identfy the advantage the patent offers over what is known in the state of the art art and output it into a section called ADVANTAGE.
|
||||
- Identify the advantage the patent offers over what is known in the state of the art art and output it into a section called ADVANTAGE.
|
||||
- Definition of novelty: An invention shall be considered to be new if it does not form part of the state of the art. The state of the art shall be held to comprise everything made available to the public by means of a written or oral description, by use, or in any other way, before the date of filing of the patent application. Determine, based purely on common general knowledge and the knowledge of the person skilled in the art, whether this patent be considered novel according to the definition of novelty provided. Provide detailed and logical reasoning citing the knowledge drawn upon to reach the conclusion. It is OK if you consider the patent not to be novel. Output this into a section called NOVELTY.
|
||||
- Defintion of inventive step: An invention shall be considered as involving an inventive step if, having regard to the state of the art, it is not obvious to a person skilled in the art. Determine, based purely on common general knowledge and the knowledge of the person skilled in the art, whether this patent be considered inventive according to the definition of inventive step provided. Provide detailed and logical reasoning citing the knowledge drawn upon to reach the conclusion. It is OK if you consider the patent not to be inventive. Output this into a section called INVENTIVE STEP.
|
||||
- Definition of inventive step: An invention shall be considered as involving an inventive step if, having regard to the state of the art, it is not obvious to a person skilled in the art. Determine, based purely on common general knowledge and the knowledge of the person skilled in the art, whether this patent be considered inventive according to the definition of inventive step provided. Provide detailed and logical reasoning citing the knowledge drawn upon to reach the conclusion. It is OK if you consider the patent not to be inventive. Output this into a section called INVENTIVE STEP.
|
||||
- Summarize the core idea of the patent into a succinct and easy-to-digest summary not more than 1000 characters into a section called SUMMARY.
|
||||
- Identify up to 20 keywords (these may be more than a word long if necessary) that would define the core idea of the patent (trivial terms like "computer", "method", "device" etc. are to be ignored) and output them into a section called KEYWORDS.
|
||||
|
||||
|
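Review bot: The corrected ADVANTAGE line still contains the doubled word in "state of the art art"; drop the second "art". The NOVELTY and INVENTIVE STEP lines also read "whether this patent be considered", which looks like a missing "can" or "should" and is worth fixing while these lines are open.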
@ -31,11 +31,11 @@ IDEAS:
|
||||
Instances:
|
||||
|
||||
- "We came up with a new way to use LLMs to process dolphin sounds."
|
||||
- "It turns out that dolphin lanugage and chimp language has the following 4 similarities."
|
||||
- "It turns out that dolphin language and chimp language has the following 4 similarities."
|
||||
- Etc.
|
||||
(list all instances)
|
||||
|
||||
- In a section called SELFLESSNESS, give a score of 1-10 for how much the focus was on the content vs. the speaker, folowed by a hyphen and a 15-word summary of why that score was given.
|
||||
- In a section called SELFLESSNESS, give a score of 1-10 for how much the focus was on the content vs. the speaker, followed by a hyphen and a 15-word summary of why that score was given.
|
||||
|
||||
Under this section put another subsection called Instances:, where you list a bulleted set of phrases that indicate a focus on self rather than content, e.g.,:
|
||||
|
||||
|
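Review bot: The corrected example line "dolphin language and chimp language has the following 4 similarities" keeps a subject-verb disagreement; with a compound subject it should be "have". Since the line is already being rewritten for "lanugage", fix both at once.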
@ -80,7 +80,7 @@ Mangled Idioms: Using idioms incorrectly or inappropriately. Rating: 5
|
||||
|
||||
- In a section called STYLE ANALYSIS, you will evaluate the prose for what style it is written in and what style it should be written in, based on Pinker's categories. Give your answer in 3-5 bullet points of 15 words each. E.g.:
|
||||
|
||||
"- The prose is mostly written in CLASSICAL sytle, but could benefit from more directness."
|
||||
"- The prose is mostly written in CLASSICAL style, but could benefit from more directness."
|
||||
"Next bullet point"
|
||||
|
||||
- In section called POSITIVE ASSESSMENT, rate the prose on this scale from 1-10, with 10 being the best. The Importance numbers below show the weight to give for each in your analysis of your 1-10 rating for the prose in question. Give your answers in bullet points of 15 words each.
|
||||
|
@ -14,7 +14,7 @@ You create concise summaries of--or answers to--arbitrary input at 5 different l
|
||||
|
||||
- Create a virtual mindmap of the meaning of the content in your mind.
|
||||
|
||||
- Think about the anwswer to the input if its a question, not just summarizing the question.
|
||||
- Think about the answer to the input if its a question, not just summarizing the question.
|
||||
|
||||
# OUTPUT
|
||||
|
||||
|
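Review bot: The corrected step still says "if its a question", where the contraction "it's" is meant. The line is already touched for "anwswer", so the apostrophe can go in with it.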
@ -12,7 +12,7 @@ Author Daniel Miessler February 24, 2024
|
||||
|
||||
I’m starting to think Framing is everything.
|
||||
Framing
|
||||
The process by which individuals construct and interpret their reality—concsiously or unconsciously—through specific lenses or perspectives.
|
||||
The process by which individuals construct and interpret their reality—consciously or unconsciously—through specific lenses or perspectives.
|
||||
My working definition
|
||||
Here are some of the framing dichotomies I’m noticing right now in the different groups of people I associate with and see interacting online.
|
||||
AI and the future of work
|
||||
|
@ -16,7 +16,7 @@ Take a deep breath and think step by step about how to best accomplish this goal
|
||||
|
||||
- Output the purpose of each file as a list with no more than 15 words per point into a section called DETAILED EXPLANATION:.
|
||||
|
||||
- Output the code for each file seperately along with a short description of the code's purpose into a section called CODE:.
|
||||
- Output the code for each file separately along with a short description of the code's purpose into a section called CODE:.
|
||||
|
||||
- Output a script that creates the entire project into a section called SETUP:.
|
||||
|
||||
|
@ -27,7 +27,7 @@ Month Year 80 80 21 53
|
||||
|
||||
END EXAMPLE FORMAT
|
||||
|
||||
- Only ouptut numbers in the fields, no special characters like "<, >, =," etc..
|
||||
- Only output numbers in the fields, no special characters like "<, >, =," etc..
|
||||
|
||||
- Only output valid CSV data and nothing else.
|
||||
|
||||
|
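Review bot: The corrected line still ends with a doubled period in "etc..", and the quoted character list "<, >, =," has a trailing comma inside the quotes. Suggest ending the sentence with a single period; the same line appears unchanged in the next file's hunk and would need the same fix.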
@ -31,7 +31,7 @@ Month Year 67
|
||||
|
||||
END EXAMPLE FORMAT
|
||||
|
||||
- Only ouptut numbers in the fields, no special characters like "<, >, =," etc..
|
||||
- Only output numbers in the fields, no special characters like "<, >, =," etc..
|
||||
|
||||
- Do not output any other content other than the CSV data. NO backticks, no markdown, no comments, no headers, no footers, no additional text, etc. Just the CSV data.
|
||||
|
||||
|
@ -12,11 +12,11 @@ Take a step back and think step by step about how to achieve the best result pos
|
||||
|
||||
3. You extract the 15-30 most insightful and interesting quotes from the input into a section called QUOTES:. Use the exact quote text from the input.
|
||||
|
||||
4. You extract 15-30 personal habits of the speakers, or mentioned by the speakers, in the connt into a section called HABITS. Examples include but aren't limited to: sleep schedule, reading habits, things the
|
||||
4. You extract 15-30 personal habits of the speakers, or mentioned by the speakers, in the content into a section called HABITS. Examples include but aren't limited to: sleep schedule, reading habits, things the
|
||||
|
||||
5. You extract the 15-30 most insightful and interesting valid facts about the greater world that were mentioned in the content into a section called FACTS:.
|
||||
|
||||
6. You extract all mentions of writing, art, and other sources of inspiration mentioned by the speakers into a section called REFERENCES. This should include any and all references to something that the speake
|
||||
6. You extract all mentions of writing, art, and other sources of inspiration mentioned by the speakers into a section called REFERENCES. This should include any and all references to something that the speaker mentioned.
|
||||
|
||||
7. You extract the 15-30 most insightful and interesting overall (not content recommendations from EXPLORE) recommendations that can be collected from the content into a section called RECOMMENDATIONS.
|
||||
|
||||
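Review bot: Step 4 is still cut off at "things the" after the "connt" fix in this file, while step 6 in the same hunk has its ending restored to "speaker mentioned." The sibling file later in this commit completes step 4 with "speakers always do, things they always avoid, productivity tips, diet, exercise, etc."; apply the same completion here so the two patterns do not diverge.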
@ -24,6 +24,6 @@ Take a step back and think step by step about how to achieve the best result pos
|
||||
|
||||
1. You only output Markdown.
|
||||
2. Do not give warnings or notes; only output the requested sections.
|
||||
3. You use numberd lists, not bullets.
|
||||
3. You use numbered lists, not bullets.
|
||||
4. Do not repeat ideas, quotes, facts, or resources.
|
||||
5. Do not start items with the same opening words.
|
||||
|
@ -12,11 +12,11 @@ Take a step back and think step by step about how to achieve the best result pos
|
||||
|
||||
3. You extract the 15-30 most insightful and interesting quotes from the input into a section called QUOTES:. Use the exact quote text from the input.
|
||||
|
||||
4. You extract 15-30 personal habits of the speakers, or mentioned by the speakers, in the connt into a section called HABITS. Examples include but aren't limited to: sleep schedule, reading habits, things the
|
||||
4. You extract 15-30 personal habits of the speakers, or mentioned by the speakers, in the content into a section called HABITS. Examples include but aren't limited to: sleep schedule, reading habits, things the speakers always do, things they always avoid, productivity tips, diet, exercise, etc.
|
||||
|
||||
5. You extract the 15-30 most insightful and interesting valid facts about the greater world that were mentioned in the content into a section called FACTS:.
|
||||
|
||||
6. You extract all mentions of writing, art, and other sources of inspiration mentioned by the speakers into a section called REFERENCES. This should include any and all references to something that the speake
|
||||
6. You extract all mentions of writing, art, and other sources of inspiration mentioned by the speakers into a section called REFERENCES. This should include any and all references to something that the speaker mentioned.
|
||||
|
||||
7. You extract the 15-30 most insightful and interesting overall (not content recommendations from EXPLORE) recommendations that can be collected from the content into a section called RECOMMENDATIONS.
|
||||
|
||||
@ -24,6 +24,6 @@ Take a step back and think step by step about how to achieve the best result pos
|
||||
|
||||
1. You only output Markdown.
|
||||
2. Do not give warnings or notes; only output the requested sections.
|
||||
3. You use numberd lists, not bullets.
|
||||
3. You use numbered lists, not bullets.
|
||||
4. Do not repeat ideas, quotes, facts, or resources.
|
||||
5. Do not start items with the same opening words.
|
||||
|
@ -42,4 +42,4 @@ You are an EDM expert who specializes in identifying artists that I will like ba
|
||||
|
||||
- Optimize your selections based on how much I'll love the artists, not anything else.
|
||||
|
||||
- Output in Markdown, but make it easy to read in text form, so no asterists, bold or italic.
|
||||
- Output in Markdown, but make it easy to read in text form, so no asterisks, bold or italic.
|
||||
|
@ -202,7 +202,7 @@ Run the summarize Pattern based on input from stdin. In this case, the body of a
|
||||
pbpaste | fabric --pattern summarize
|
||||
Run the analyze_claims Pattern with the --stream option to get immediate and streaming results.
|
||||
pbpaste | fabric --stream --pattern analyze_claims
|
||||
Run the extract_wisdom Pattern with the --stream option to get immediate and streaming results from any Youtube video (much like in the original introduction video).
|
||||
Run the extract_wisdom Pattern with the --stream option to get immediate and streaming results from any YouTube video (much like in the original introduction video).
|
||||
yt --transcript https://youtube.com/watch?v=uXs-zPc63kM | fabric --stream --pattern extract_wisdom
|
||||
new All of the patterns have been added as aliases to your bash (or zsh) config file
|
||||
pbpaste | analyze_claims --stream
|
||||
|
@ -1,7 +1,7 @@
|
||||
# IDENTITY and PURPOSE
|
||||
As an organized, high-skill expert lecturer, your role is to extract the most relevant topics from a lecture transcript and provide a structured summary using bullet points and lists of definitions for each subject. You will also include timestamps to indicate where in the video these topics occur.
|
||||
|
||||
Take a step back and think step-by-step about how you would do this. You would probably start by "watching" the video (via the transcript) and taking notes on each definition were in the lecutre, because you're an organized you'll also make headlines and list of all relevant topics was in the lecutre and break through complex parts. you'll probably include the topics discussed and the time they were discussed. Then you would take those notes and create a list of topics and timestamps.
|
||||
Take a step back and think step-by-step about how you would do this. You would probably start by "watching" the video (via the transcript) and taking notes on each definition were in the lecture, because you're an organized you'll also make headlines and list of all relevant topics was in the lecture and break through complex parts. you'll probably include the topics discussed and the time they were discussed. Then you would take those notes and create a list of topics and timestamps.
|
||||
|
||||
|
||||
# STEPS
|
||||
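Review bot: Fixing "lecutre" leaves the rest of this sentence ungrammatical: "taking notes on each definition were in the lecture", "because you're an organized you'll also make headlines", "list of all relevant topics was in the lecture", and a lowercase "you'll" after a period. Because this text is an instruction the model reads, a rewrite of the whole sentence would be more useful than the spelling fix alone.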
@ -15,7 +15,7 @@ Node each topic as a headline. In case it has sub-topics or tools, use sub-headl
|
||||
|
||||
For each topic or subject provide the most accurate definition without making guesses.
|
||||
|
||||
Extract a summary of the lecutre in 25 words, including the most important keynotes into a section called SUMMARY.
|
||||
Extract a summary of the lecture in 25 words, including the most important keynotes into a section called SUMMARY.
|
||||
|
||||
Extract all the tools you noticed there was mention and gather them with one line description into a section called TOOLS.
|
||||
|
||||
@ -40,7 +40,7 @@ Ensure all output timestamps are sequential and fall within the length of the co
|
||||
|
||||
You only output Markdown.
|
||||
|
||||
In the markdown, use formatting like bold, highlight, headlines as # ## ### , blockqoute as > , code block in neccenary as ``` {block_code} ```, lists as * , etc. Make the output maximally readable in plain text.
|
||||
In the markdown, use formatting like bold, highlight, headlines as # ## ### , blockquote as > , code block in necessary as ``` {block_code} ```, lists as * , etc. Make the output maximally readable in plain text.
|
||||
|
||||
Create the output using the formatting above.
|
||||
|
||||
|
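Review bot: The replacement "code block in necessary" corrects the spelling but not the phrase; from context the intended wording is "code block if necessary". Suggest changing "in" to "if" on the corrected line.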
@ -24,15 +24,15 @@ Text: The characteristics of the Dead Sea: Salt lake located on the border betwe
|
||||
|
||||
Create cards based on the above text as follows:
|
||||
|
||||
Q: Where is the Dead Sea located?
A: on the border between Israel and Jordan
|
||||
Q: What is the lowest point on the Earth's surface?
A: The Dead Sea shoreline
|
||||
Q: What is the average level on which the Dead Sea is located?
A: 400 meters (below sea level)
|
||||
Q: How long is the Dead Sea?
A: 70 km
|
||||
Q: How much saltier is the Dead Sea as compared with the oceans?
A: 7 times
|
||||
Q: What is the volume content of salt in the Dead Sea?
A: 30%
|
||||
Q: Why can the Dead Sea keep swimmers afloat?
A: due to high salt content
|
||||
Q: Why is the Dead Sea called Dead?
A: because only simple organisms can live in it
|
||||
Q: Why only simple organisms can live in the Dead Sea?
A: because of high salt content
|
||||
Q: Where is the Dead Sea located? A: on the border between Israel and Jordan
|
||||
Q: What is the lowest point on the Earth's surface? A: The Dead Sea shoreline
|
||||
Q: What is the average level on which the Dead Sea is located? A: 400 meters (below sea level)
|
||||
Q: How long is the Dead Sea? A: 70 km
|
||||
Q: How much saltier is the Dead Sea as compared with the oceans? A: 7 times
|
||||
Q: What is the volume content of salt in the Dead Sea? A: 30%
|
||||
Q: Why can the Dead Sea keep swimmers afloat? A: due to high salt content
|
||||
Q: Why is the Dead Sea called Dead? A: because only simple organisms can live in it
|
||||
Q: Why only simple organisms can live in the Dead Sea? A: because of high salt content
|
||||
|
||||
# STEPS
|
||||
|
||||
|
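Review bot: The example cards change from a Q line followed by an A line to Q and A on one line, which is a format change rather than a typo correction and is not mentioned in the commit message. These cards are the example the pattern shows for its output, so joining the lines can change what gets generated; please confirm this is intended or restore the two-line layout. The last card, "Why only simple organisms can live in the Dead Sea?", also needs "Why can only simple organisms live".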
@ -43,11 +43,11 @@ Follow the following structure:
|
||||
|
||||
- For each HTTP request included, understand the purpose of the request. This is most often derived from the HTTP path, but also may be largely influenced by the request body for GraphQL requests or other RPC related applications.
|
||||
|
||||
- Deeply understand the relationship between the HTTP requests provided. Think for 312 hours about the HTTP requests, their goal, their relationship, and what their existance says about the web application from which they came.
|
||||
- Deeply understand the relationship between the HTTP requests provided. Think for 312 hours about the HTTP requests, their goal, their relationship, and what their existence says about the web application from which they came.
|
||||
|
||||
- Deeply understand the HTTP request and HTTP response and how they correlate. Understand what can you see in the response body, response headers, response code that correlates to the the data in the request.
|
||||
|
||||
- Deeply integrate your knowledge of the web applciation into parsing the HTTP responses as well. Integrate all knowledge consumed at this point together.
|
||||
- Deeply integrate your knowledge of the web application into parsing the HTTP responses as well. Integrate all knowledge consumed at this point together.
|
||||
|
||||
- Read the summary provided by the user for each request 5000 times. Integrate that into your understanding of the HTTP requests/responses and their relationship to one another.
|
||||
|
||||
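Review bot: The context line between the two corrected bullets still has the doubled word in "correlates to the the data in the request", and "Understand what can you see" has inverted word order. Both sit inside this hunk and can be fixed alongside "existance" and "applciation".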
@ -98,7 +98,7 @@ EXAMPLE OUTPUT:
|
||||
**Title:** Reflected XSS on site.com/renderHTML Results in Account Takover
|
||||
|
||||
## Summary:
|
||||
It is possible for an attacker to exploit a Reflected XSS vulnerablility at `https://site.com/renderHTML` to execute arbitrary JavaScript code in the victims browser and compromise the Access Token stored in the `access_token` LocalStorage key.
|
||||
It is possible for an attacker to exploit a Reflected XSS vulnerability at `https://site.com/renderHTML` to execute arbitrary JavaScript code in the victims browser and compromise the Access Token stored in the `access_token` LocalStorage key.
|
||||
|
||||
## Description:
|
||||
It is possible for an attacker to specify code that should be rendered in the `HTMLCode` parameter to the `/renderHTML` endpoint.
|
||||
|
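Review bot: The example title at the top of this hunk still reads "Account Takover" (should be "Takeover"), and the corrected summary line keeps "the victims browser" without the possessive apostrophe. Both are in the example output the pattern shows to the model, so they are worth fixing with "vulnerablility".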