DEV Community: Nikita Koselev

From 325 Repos to Clarity — How I Used AI to Build a GitHub Cleanup Tool in Hours

Nikita Koselev — Sun, 10 Aug 2025 19:14:38 +0000

🌍 From “too many ideas” to working solutions — with AI as my partner

I’ve always had more ideas than I could possibly execute:

Some could help communities
Some could help businesses
Some could simply make life easier

In the past, many stayed on paper — hiring a team of 45 developers and business experts wasn’t realistic (or so a younger version of me thought).

Today, I work with AI agents. They’re not a replacement for great human experts — but when used well, with a human in the loop, they can create good enough value fast.

AI gives me the leverage to turn ideas into working tools without the huge upfront cost. And because I believe in the power of open collaboration (a value I embraced as an OpenUK Ambassador), I always make at least part of my tools open source.

💡 My approach:

Build tools for my own use first
Share them — always at least partly open source
Monetise where extra functionality or dedicated support is needed

🛠 The latest example — GitHub Cleanup Tool
I recently faced a messy, time-wasting problem: 325 GitHub repositories full of old projects, abandoned experiments, and duplicates.

Manually cleaning it up? Not going to happen. It just takes too long and would have helped only one person - me.

So in just a few hours — using AI to help me design and refine the build — I created a Python-based automation tool that:

Audits all repositories and gives actionable summaries
Lets me archive, privatise, or delete with interactive safeguards
Protects critical repos automatically
Exports results for reporting and compliance

This wasn’t about saving a few clicks.
It was about reducing mental clutter so I can focus on high-impact work — the same principle I apply to business processes when I look for automation and AI opportunities.

Interested? Here is more:
📦 Open Source & Full Write-Up Blog post with screenshots and stuff
📦 GitHub repo github-repositories-cleanup

💬 Let’s collaborate
If you have a business case that could be solved with automation or AI — and it fits within my employer’s (Mastercard) policies — I’d be happy to explore building it.

AI Assistance:
This article was drafted with the help of ChatGPT and then reviewed, edited, and fact-checked by me before publishing.

Extreme Ownership of Your Career — the Open Source Way

Nikita Koselev — Sun, 06 Apr 2025 18:05:47 +0000

How much time do you think Linus Torvalds spends job hunting?

Not polishing his CV. Not writing cover letters. Not DMing people asking for referrals.

Exactly. Probably zero.

Because Linus did what anyone can do, at any level: He grew so much, in the open, delivering real value to a real community — that the market couldn’t ignore him anymore.

Now ask yourself:

Are you spending 80% of your time applying… or 80% of your time growing?

If you’re stuck in the “there are no jobs for juniors” trap, or waiting for someone to give you a break — let me offer a different route:

Extreme ownership. The open source way.

🔥 1. Pick a Project That Grows You + the Ecosystem
Just one. Something that solves a real problem and is aligned with where you want to be 3–5 years from now. Start contributing. Not just code — clarity, docs, tests, community support. Let people see you care and deliver.

Don’t ask for permission. Just ship value.

🔁 2. Build in Public
Document your journey. Post wins. Post roadblocks. Post lessons.

You don’t need to be an “influencer” — you just need to be visible. That’s how your signal cuts through the noise.

🧠 3. Spend 80% of Your Time on Value Creation, Not Job Hunting
Job boards feel productive. But most of the time? They're just digital scratching — the illusion of motion.

Instead:

Go deep on one project.

Grow your network in the right circles.

Build something that matters.

Volunteer where strategy meets action — meetups, open source orgs, community tooling.

Let recruiters chase you because your work speaks louder than your inbox.

🤝 4. Ask for Referrals — the Extreme Ownership Way
Even when you ask for help — do it like an owner. Not like someone hoping to be saved. Like someone who's done the work and shows up with clarity and respect.

Here’s how:

✅ Be clear about your goal 🔗 Include a direct link to the role 📄 Share a clean, well-structured, text-based CV — optimized for the role 📬 Include your full name, email, and phone 🧠 Show that you’ve already done your research

💡 Tip: A tidy, role-focused CV isn’t just easier to refer — it signals that you already operate like someone who belongs in the role.

Because referrals aren’t charity. They’re reputation transfers. Make it easy for someone to say: “Yes. I believe in this person.”

💡 Final Thought
There’s another way forward — one that’s not about job titles, but about momentum and ownership.

You don’t have to be famous. You just need to be undeniable in your space.

And the open source path? It’s not just for maintainers and rockstars. It’s for anyone ready to trade “waiting” for “building.”

Own your growth. Grow your community. And watch how fast the right doors open.

📬 On this journey yourself? I’m happy to share what I’ve learned from building both inside enterprise and in open communities.

Let’s connect: My Linkedin

Practical LLM - Matching and Ranking by Erik Schmiegelow, CEO of Hivemind Technologies AG

Nikita Koselev — Wed, 17 Jul 2024 20:55:04 +0000

Last week, I had the pleasure of attending the Mindstone.ai meetup in London, and it was an incredible experience! 🎉 The event featured three insightful talks, each packed with valuable information and forward-thinking perspectives.

Erik Schmiegelow, the CEO of Hivemind Technologies AG, delivered an eye-opening session on the practical applications of large language models (LLMs) in matching and ranking.

Here are some key takeaways:

Matching and Ranking with LLMs

Erik delved into the mechanics of how LLMs can be leveraged to enhance the accuracy and efficiency of matching algorithms. This has significant implications for search engines, recommendation systems, and more.

Practical Applications

Real-world use cases were discussed, showcasing how LLMs are being used to solve complex problems in various industries, from e-commerce to information retrieval.

Implementation Strategies

Erik shared best practices for implementing these models in production environments, including tips on optimizing performance and maintaining scalability.

Key Points from the Slides:

RAG Architecture

Retrieval Augmented Generation (RAG) separates the model from the relevant internal data to tackle issues.
Step 1: Data is chunked using an embedding model and stored in a vector store.
Step 2: The model extracts relevant data from the vector store to create answers.

Typical LLM Tasks

Classification: Assign a set of classes to the input.
Summarisation: Summarise long-form input.
Entity Extraction: Extract attributes from unstructured input.

Programmatic Approach with LangChain

LangChain framework facilitates chaining LLM components such as prompt templates, agents, query endpoints, and inference endpoints.
LangChain Agents: Enable LLMs to execute tasks like calculations, database queries, and web lookups.

Common Approach

Use general-purpose LLMs (ChatGPT, Claude) with fine-tuned prompts.
Benefit: Minimal operational effort required.

Why it’s not Efficient

Cost: Inference endpoints charge based on tokens.
Latency: Large models can slow performance.
Other Concerns: Privacy, IP access, and compliance issues.

My Notes from the Talk:

Data Privacy: LLMs can recognize which data is private and what is not, addressing some data privacy concerns.
LangChain: Known as a pragmatic approach to thinking about large LLMs, allowing the creation of a chain of execution. LangChain's "agents" can handle complex questions and enhance LLM capabilities.
Hallucinations: LLMs can’t reason and try to create something that is "most likely" true rather than actually true, akin to some management consultants (Erik’s joke).
Composable Architecture: Allows the use of smaller models for specific tasks.
CV Matching App: Helps process resumes, identifies candidate qualities, generates job offers, and solves problems that rule-based systems can't.
Audience Questions:
- Bias Guarding: Models can be protected from bias through normalization processes.
- Open Source: Many open-source projects and communities, particularly around green software, are good entry points to LLMs.
- Fighting Bias: LLMs can work on non-specific keywords, basing their work on meaning rather than specific words.
- Cost-Effective LLMs: Small, specialized LLMs often provide better quality for reasonable costs.

Erik's talk provided a deep dive into the transformative power of LLMs in modern technology landscapes. It was a fantastic learning experience, and I left with a lot of actionable insights. 💡

A huge thank you to Joshua Wohle from Mindstone.ai and Barry Cranford from RecWorks (the most community-supportive recruiting agency in the UK) for organizing and sponsoring this fantastic event.

Please find some of the photos attached.

P.S. The article was created with a ton of my notes, photos and some help from ChatGPT.

Solving the Problem of Quick AI Access and Chat Organization with M.A.I.S.E.Y. on Telegram

Nikita Koselev — Fri, 31 May 2024 07:07:28 +0000

As an avid user of AI tools like ChatGPT, I’ve encountered recurring problems: losing time finding the right window to ask or check something simple, or deciding not to ask at all to avoid the hassle. Recently, I discovered M.A.I.S.E.Y., an AI tool integrated within Telegram, which has significantly streamlined my AI interactions and solved these issues.

The Problem: Time Loss and Chat Disorganization

Using ChatGPT for quick queries typically involves:

Finding and opening the browser or ChatGPT application.
Navigating to the correct tab or window.
Avoiding disrupting the organized chat history dedicated to specific topics.

In my personal experience, this process can be cumbersome and discouraging. For someone with ADHD like myself, these delays can lead to significant distraction and decreased productivity. Additionally, I strive to keep my ChatGPT organized, with specific chats dedicated to distinct projects or topics. Using it for daily, trivial questions risks cluttering important conversations.

The Solution: M.A.I.S.E.Y. on Telegram

M.A.I.S.E.Y. (Machine-Learning Algorithm for Individualized Service Experience Yield) offers a solution by integrating AI capabilities directly within Telegram. Here’s how it addresses my needs:

Quick Switching:
- With M.A.I.S.E.Y., switching to the AI tool is nearly instantaneous. A simple alt-tab to the open Telegram window takes just 0.1 seconds, significantly faster than opening a browser or app.
User-Friendly Interface:
- Telegram’s interface is renowned for its simplicity and efficiency. M.A.I.S.E.Y. leverages this to provide a seamless experience, perfect for handling light AI tasks without the bulkiness of other platforms.
Enhanced Security:
- Telegram is known for its strong security features, adding an extra layer of confidence when interacting with AI tools.
ADHD Assistance:
- M.A.I.S.E.Y. helps me manage my ADHD by allowing me to quickly unload questions that would otherwise distract me. This quick access helps maintain my focus and streamline my workflow.
Maintaining Chat Organization:
- Using M.A.I.S.E.Y. for everyday queries prevents the disruption of organized, project-specific chats in ChatGPT, keeping my work streamlined and focused.

Features of M.A.I.S.E.Y.

M.A.I.S.E.Y. provides several key functionalities:

Analyzes User Dialogue: Interacts with chatbots to create a Client Profile with 56 classes.
Identifies User Needs: Determines preferences based on user dialogue and profile.
Generates Personalized Messages: Adapts facts into unique communication styles for each user.

Business Perspective: Targeted Advertising

One standout feature of M.A.I.S.E.Y. from a business perspective is its innovative approach to advertising. M.A.I.S.E.Y. builds detailed marketing profiles for users, ensuring that advertising is highly relevant. This means:

Either no advertising or very targeted advertising.
No more irrelevant ads cluttering the interface. For example, a vegetarian won’t see non-vegetarian recipe ads just because they once googled a non-veg lasagna recipe by mistake.

This targeted approach not only enhances user experience but also increases the effectiveness of advertising for businesses.

Practical Use Cases

In my daily routine, M.A.I.S.E.Y. has proven invaluable for tasks such as:

Asking for quick translations.
Checking nutritional information, like calorie counts.
Conducting light research without getting bogged down.

The speed and convenience of M.A.I.S.E.Y. make it my go-to for about 80% of my AI interactions.

Free Version and Paid Options

I’ve been using the free version of M.A.I.S.E.Y., which has been incredibly convenient. There are paid versions available, but the free version has met my needs without noticeable advertising or intrusions.

Learn More

For a deeper understanding of M.A.I.S.E.Y., check out this video where Nick, one of the creators, discusses the concept in detail:

Conclusion

I want to clarify that this is not a marketing article. I don't work for M.A.I.S.E.Y., but I genuinely like the concept and find it incredibly useful. M.A.I.S.E.Y. has transformed the way I use AI for quick tasks. Its integration within Telegram solves the problem of slow access and cumbersome interfaces, providing a streamlined, efficient, and secure alternative. Even the unpaid version of M.A.I.S.E.Y. is highly functional and non-intrusive, making it a compelling option for anyone looking to enhance their productivity with AI.

Interested in trying M.A.I.S.E.Y.? You can test it on Telegram here: M.A.I.S.E.Y. on Telegram.

Examples:

Full Line Code Completion by JetBrains: A Game-Changer for Secure, AI-Assisted Coding

Nikita Koselev — Thu, 04 Apr 2024 19:49:10 +0000

In an era where AI integration into development environments is becoming the norm, JetBrains has taken a monumental step forward with its latest feature, Full Line Code Completion. This innovation is not just about enhancing productivity; it's about redefining the boundaries of secure, AI-assisted coding.

The Security Edge

For teams operating under stringent security requirements, the adoption of AI technology has often been a balancing act between enhancing efficiency and safeguarding sensitive information. The Full Line Code Completion feature addresses this concern head-on by ensuring that all data processing occurs locally, on your machine. This means no data is sent to the internet, nor is it used for AI model training beyond your control. It's a significant stride towards maintaining the sanctity of your codebase, offering peace of mind to companies with tight security mandates.

Seamless Integration and Cost Efficiency

Another aspect where JetBrains has hit the mark is the integration of this feature into IntelliJ IDEs. Unlike other AI-assisted coding tools that require separate subscriptions, Full Line Code Completion is available at no additional cost to users with a valid IntelliJ license. This integration not only simplifies the developer's workflow but also represents a cost-effective solution for organizations aiming to leverage the latest in AI technology without inflating their budget.

Conclusion

JetBrains' Full Line Code Completion feature is a testament to the company's commitment to innovation, security, and user convenience. It opens up new possibilities for teams to harness AI's power in their coding endeavors without compromising on security or financial efficiency. For developers and companies navigating the complexities of secure coding practices, JetBrains offers a beacon of hope and a path forward in the age of AI-assisted development.

Embrace the future of coding with JetBrains and unlock the full potential of your development practices today.

Please find more here

Full Line Code Completion in JetBrains IDEs: All You Need to Know | The JetBrains Blog

Learn more about a new feature in v2024.1 of JetBrains IDEs – full line code completion.

blog.jetbrains.com

Mastering White Hat Hacking Without a Single Line of Code: A Non-Traditional Hacker's Journey

Nikita Koselev — Wed, 03 Apr 2024 18:33:32 +0000

In a world increasingly dominated by technology, cybersecurity emerges not just as a technical challenge but as a fundamental aspect of our digital existence. A recent episode from DarkNet Diaries, hosted by the insightful Jack Rhysider, throws light on an often-overlooked aspect of security - the human element. Featuring Rachel Tobac's eye-opening demonstration of ethical hacking on live TV and Daniel Miessler's insights on AI, this story is a must-hear for anyone interested in the intersection of technology, psychology, and business.

The Masterclass in Social Engineering

Rachel Tobac's segment on Sharyn Alfonsi's show is not just entertainment; it's education. With nothing but a phone and her wits, Rachel showcases how easily trust can be manipulated in the digital realm. This live demonstration of social engineering serves as a powerful reminder of our vulnerabilities, not in our systems, but in ourselves.

Why This Matters for Tech and Business

For tech enthusiasts and business professionals, Rachel's demonstration goes beyond a mere hack; it's a lesson in cybersecurity's human aspect. It highlights the need for robust, holistic security strategies that address not only technical vulnerabilities but also the psychological vectors through which breaches often occur.

Deepening Our Understanding of Social Engineering

Rachel's use of social engineering illustrates the complexity of human psychology and its implications for security. This tactic exploits our innate tendencies to trust and cooperate, turning these virtues into vulnerabilities. This episode not only entertains but also educates, providing deep insights into how social cues and trust can be manipulated in a world increasingly governed by digital interactions.

The Role of Awareness and Education

This story underscores the critical importance of security awareness training. In an era where technical defenses can be circumvented through simple social interactions, educating ourselves and our teams about the nuances of social engineering is crucial. Businesses must prioritize comprehensive training that covers not just the technicalities of security but also the human factors that often serve as the weakest link.

A Call for a Human-Centric Security Approach

Recognizing cybersecurity as both a technical and psychological challenge demands a reevaluation of our security measures. Integrating psychological defenses, fostering a culture of skepticism, and implementing rigorous verification processes are essential steps in fortifying our digital lives against the subtleties of social engineering.

Expressing Gratitude

A special thanks to Rachel Tobac for her enlightening demonstration and to Jack Rhysider for creating a platform through Darknet Diaries that brings these critical discussions to the forefront. Their contributions have not only educated but also inspired a more informed and cautious approach to cybersecurity.

Conclusion

The Darknet Diaries episode featuring Rachel Tobac's demonstration on live TV serves as a poignant reminder of the multifaceted nature of cybersecurity. As we advance in the digital age, let's embrace a more nuanced understanding of security, one that recognizes the human element as both a vulnerability and a strength. Let this episode be a catalyst for change, prompting us to adopt a more holistic and human-centric approach to cybersecurity.

I suggest you listen or read the whole episode. It is long (over 60 minutes), but it is absolutely worth it - EP 144: Rachel.

Navigating the Evolution of AI in Cybersecurity: Insights from Mastercard at #RiskX 2023

Nikita Koselev — Mon, 25 Mar 2024 09:33:58 +0000

In the digital era, the landscape of cybersecurity is perpetually evolving, with AI playing a pivotal role in defining the strategies employed by financial institutions to combat fraud. A recent session at #RiskX 2023, featuring insights from Giovanni Bruner, Rohit Chauhan, and Kaushik Gopal of Mastercard, provided a deep dive into the innovative approaches towards leveraging AI for fraud prevention. Though I wasn't physically present in Barcelona, the session's recording was a treasure trove of knowledge, mirroring the sunny city's warmth with bright ideas and forward-thinking discussions.

The Evolution of Cybersecurity at Mastercard: From Rules to Graphs

The cybersecurity narrative at Mastercard has transitioned significantly, from a rules-based approach to a more sophisticated, relationship-based, and eventually, to a graph-based strategy. This evolution reflects a broader shift in the industry, from static defenses to dynamic, interconnected systems that offer a holistic view of consumer and merchant interactions. The "graph view," as discussed, is not just a method but a paradigm shift, enabling a comprehensive perspective on transactions and their myriad connections, thereby enhancing the detection and prevention of fraudulent activities.

The 360-degree Challenge: Fraudsters' Collaboration vs. Our Response

One of the session's key revelations was the efficiency with which fraudsters collaborate, boasting a 360-degree view that allows them to adapt and strike swiftly across borders. This unsettling advantage calls for an equally robust response from the financial sector, emphasizing the need for greater collaboration and information sharing among institutions. The notion that fraudsters, despite their agility and technological savviness, constitute a finite group, offers a glimmer of hope. It underscores the potential impact of a united front by financial institutions to combat fraud more effectively.

Consortium Models: A Beacon of Collaborative Effort

The discussion around consortium models was particularly enlightening, presenting them as a crucial component in the battle against fraud. These models facilitate a collaborative environment where information on fraud schemes, detected in various sectors or geographies, can be shared and leveraged to preempt similar attacks. This system of indirect information sharing is a testament to the power of collective effort, enabling participants to safeguard their operations by learning from incidents outside their immediate purview.

Mastercard's Cyber and Intelligence Initiative

The efforts of Mastercard Cyber and Intelligence in fostering a secure digital future through a range of identity, cybersecurity, and AI technologies resonate with the broader mission of creating safer digital spaces. Their focus on enhancing customer experience while detecting fraudulent behavior, mitigating risks, and leveraging AI and network services is pivotal in shaping a secure ecosystem for financial transactions.

Embracing the Future of AI in Cybersecurity

The insights from #RiskX 2023 serve as a reminder of the dynamic nature of cybersecurity and the critical role AI plays in shaping its future. As we venture further into this digital age, the principles of evolution, collaboration, and innovation in cybersecurity practices highlighted in the session underscore the path forward. By embracing these strategies, especially the potent combination of AI and collaborative models, the financial sector can not only anticipate but also counteract the ever-evolving threat landscape of fraud.

The journey towards a more secure digital future is a collective one, necessitating shared insights, experiences, and technologies. As we stand on the brink of this exciting evolution, the role of platforms like Mastercard Cyber and Intelligence in leading the charge cannot be overstated. Their commitment to leveraging every tool and piece of data at their disposal to protect customers exemplifies the proactive and collaborative stance the industry needs to adopt.

Let's continue to champion these advancements, ensuring that as the capabilities of AI grow, so too does our capacity to use them in safeguarding the digital frontier. For those interested in delving deeper into these discussions and exploring the innovative strategies highlighted at #RiskX 2023, I highly recommend watching the full session. It's not just a window into the future of financial cybersecurity but a blueprint for collaborative success in the digital age.

🎥 Watch the insightful session here:

[Video] Nikita Koselev on LinkedIn: #riskx #riskx #aiinfinance #fintech #fraudprevention #cybersecurity…

**Reflecting on the Evolution of AI and Fraud Prevention: Insights from #RiskX 2023** While I wasn't personally in sunny Barcelona for #RiskX 2023, watching…

linkedin.com

Navigating the Future of Open Source Security: Insights from Industry Leaders

Nikita Koselev — Mon, 04 Mar 2024 09:28:15 +0000

In a pivotal panel discussion held on February 7th, as part of the State of Open Con 2024, industry experts convened to explore the evolving landscape of open source security. The session titled "The Future of Open Source Security" featured Rebecca Rumbul, Executive Director/CEO of the Rust Foundation, Stephen Augustus, Head of Open Source at Cisco, Victoria Ontiveros from CISA, and Omkhar Arasarantnam, General Manager of OpenSSF. This diverse panel brought together perspectives from leading organizations and government to address the current challenges and chart a path forward for securing the open source ecosystem.

The complete discussion can be viewed here:

Current State of Open Source Security

The panelists began by assessing where the open source community currently stands in terms of security. It was a consensus that while there have been significant advancements in security practices, the community often finds itself oscillating between confidence in its security measures and being blindsided by vulnerabilities. This highlights an ongoing process of maturation where successes in implementing technologies like Sigstore or SBOMs are occasionally marred by emerging vulnerabilities.

The Evolving Dialogue on Security

A key theme discussed was the shift towards a more proactive approach to open source security. This involves a collaborative effort among software consumers, open source developers, and government entities to not only address vulnerabilities as they arise but to prevent them through secure design and development practices. The panel underscored the importance of this tripartite engagement in fostering a more secure open source ecosystem.

Government and Open Source Security

The role of government, particularly through agencies like CISA, in securing open source software was highlighted by Victoria Ontiveros. The focus is on understanding the open source software utilized within federal systems and critical infrastructure, ensuring their security, and fostering a productive relationship between the government and the open source community. This relationship is crucial for the protection of national security and public health, given the pervasive use of open source software in critical infrastructure.

Successes and Challenges Ahead

The panel shared their organizations' successes in enhancing open source security, from Cisco's comprehensive approach to vulnerability management to OpenSSF's role in promoting collaboration across the tech industry and government. However, as technology continues to evolve rapidly, the panel recognized the ongoing need for adaptation and proactive measures to address future threats.

The Future of Open Source Security

Looking ahead, the panelists emphasized the importance of community involvement, transparency, and education in advancing the security of open source software. They called for a collective effort to prioritize security as a core value within the open source community, advocating for individual and organizational responsibility in risk assessment and mitigation.

Conclusion

The "Future of Open Source Security" panel discussion at State of Open Con 2024 offered valuable insights into the challenges and opportunities facing the open source community in securing its ecosystem. As the dialogue between software developers, consumers, and government continues to evolve, it is clear that a collaborative, proactive approach is essential for the future of open source security.

For more details on the event and speakers, visit the event schedule: State of Open Con 2024 - The Future of Open Source Security.

Navigating the Future of Open Source Security: Insights from Industry Leaders

Nikita Koselev — Mon, 04 Mar 2024 09:28:08 +0000

The complete discussion can be viewed here:

Current State of Open Source Security

The Evolving Dialogue on Security

Government and Open Source Security

Successes and Challenges Ahead

The Future of Open Source Security

Conclusion

For more details on the event and speakers, visit the event schedule: State of Open Con 2024 - The Future of Open Source Security.

She Speaks Like a Leader: A Journey to Finding Your Voice

Nikita Koselev — Sat, 02 Mar 2024 11:01:21 +0000

In a compelling blend of personal insight and practical advice, "She Speaks Like a Leader" by Mariette Richardson emerges not just as a guide to mastering the art of communication, but as a transformative journey towards self-awareness, confidence, and leadership. This book stands as an invaluable resource for individuals across all walks of life, encouraging readers to explore and harness the power of their voices.

Unveiling the Power of Voice and Confidence

Mariette Richardson delves into the often-overlooked aspect of communication: the power of voice and the confidence to use it effectively. Through her exploration, Richardson reveals that the challenge most people face is not in the quality of their voice but in their confidence to speak up. This revelation is a cornerstone of the book, setting the stage for a deeper understanding of the psychological barriers that hinder effective communication.

Courage to Communicate

Richardson addresses the common scenario of hesitating to speak up in meetings, identifying it as a symptom of a lack of courage rooted in self-doubt. With empathy and understanding, she invites readers to confront their fears, offering guidance on how to overcome these challenges and assert their voices confidently.

The Physicality and Resonance of Voice

The book provides insightful techniques for strengthening one's voice, emphasizing that a strong voice is characterized by its richness, resonance, and clarity. Richardson introduces simple, yet effective exercises to help readers discover their unique tone, thereby enhancing their vocal presence and authority.

The Art of Effective Communication

Richardson argues that true leadership is achieved through effective communication, urging readers to shift from merely talking to genuinely connecting with their words. She emphasizes the importance of word choice and the energy behind words, highlighting the potential of communication to either harmonize or disrupt.

Emphasizing Listening and Empathy

A pivotal message of the book is the significance of listening and humility in communication. Richardson advocates for empathetic listening and respectful exchange of opinions as key to resolving conflicts and fostering understanding.

Confronting Self-Doubt and Embracing Failure

The book tackles the challenges of self-doubt and imposter syndrome, offering solace and strategies for overcoming these internal battles. Richardson's reference to "The Inner Game of Tennis" provides a powerful metaphor for self-acceptance and the magic that unfolds when we stop judging ourselves harshly.

Mindfulness and Presence

Richardson also explores the role of mindfulness and presence in effective leadership and communication. She underscores the importance of being fully present and self-aware, advocating for mindfulness practices as tools for stress reduction and enhanced clarity.

Beyond Communication: A Guide to Living

"She Speaks Like a Leader" transcends its premise as a communication guide, evolving into a manifesto on living with authenticity and leading with purpose. Richardson's integration of personal anecdotes and references to other thought leaders enriches the narrative, making it not only informative but deeply inspiring.

For anyone looking to elevate their communication skills, increase their presence, and lead more effectively, "She Speaks Like a Leader" is an essential read. It's a book that not only teaches you how to speak but also how to listen—both to others and to yourself. It's about finding your voice in the cacophony of life and using it to forge connections, inspire change, and lead with conviction.

For those interested in embarking on this transformative journey, the book is available for purchase here: She Speaks Like a Leader on Amazon.

Mariette Richardson's work is more than just a book; it's an investment in yourself, offering the tools and insights needed to change for the better and foster a more positive outlook on life and your place within it.

Embracing Transparency: Dr. Allan Friedman's Vision for Open Source Security

Nikita Koselev — Tue, 20 Feb 2024 20:24:39 +0000

At the recent State Of Open Conference 2024 (SOOCon24), Dr. Allan Friedman, a leading figure in cybersecurity from the Cybersecurity and Infrastructure Security Agency (CISA), shared profound insights on the future of cybersecurity within the open source community. His keynote not only highlighted the challenges faced by the community but also offered a roadmap towards a more secure digital future through the lens of transparency and collaboration.

The Foundation of Open Source: Transparency

Transparency is the bedrock upon which the open source community is built. However, as Dr. Friedman elucidated, its significance extends far beyond the availability of source code; it's about creating an ecosystem where security practices, vulnerabilities, and solutions are openly shared. This approach not only aids in early detection and resolution of security issues but also fosters a culture of trust and collective responsibility.

The Strategic Role of SBOMs and VEX

A pivotal part of Dr. Friedman's talk centered on the importance of Software Bill of Materials (SBOMs) and the Vulnerability Exploitability eXchange (VEX). SBOMs provide a detailed inventory of software components, enhancing visibility and aiding in risk management. Complementarily, VEX documents offer attestation regarding the exploitability of components, streamlining the vulnerability management process. Together, they empower developers, choosers, and operators with the information needed to secure software more effectively.

Shifting the Paradigm: From Attacker Roadmaps to Defender Guides

Dr. Friedman challenged the conventional fear that transparency might inadvertently aid attackers. He proposed a paradigm shift towards equipping defenders with scalable roadmaps, enabling them to understand and focus on genuine threats. This shift from a reactive to a proactive security posture is crucial for the open source community's resilience against cyber threats.

The CISA Open Source Software Security Roadmap

Highlighting the "CISA Open Source Software Security Roadmap," Dr. Friedman underscored the concerted efforts being made to secure the open source ecosystem. This roadmap lays out a strategic framework for vulnerability disclosure, SBOM adoption, and the promotion of security best practices, emphasizing the government's role in bolstering open source security.

Towards a Future of Radical Transparency

Dr. Friedman's call for "radical transparency" underscores the need for open disclosure of vulnerabilities and security strategies. This approach, he argues, is vital for preparing and protecting against threats in a collaborative manner. As the open source community continues to grow, embracing radical transparency will be key to ensuring its sustainability and security.

Conclusion

Dr. Allan Friedman's insights at SOOCon24 serve as a clarion call to the open source community to embrace transparency, collaboration, and proactive security measures. By adopting SBOMs, VEX, and committing to open communication, the community can navigate the complex landscape of cybersecurity threats and safeguard our digital infrastructure. As we move forward, it's clear that transparency isn't just a principle; it's our strongest tool in the fight for a more secure open source ecosystem.

For a deeper dive into Dr. Friedman's vision and insights, watch the full recording of his talk at SOOCon24: .

The State Of Open Conference 2024

Nikita Koselev — Mon, 19 Feb 2024 18:38:35 +0000

The State Of Open Conference 2024 (SOOCon24), hosted in London, highlighted the burgeoning power of open source, embodying a commitment to inclusivity, innovation, and community within the tech world. The event showcased the UK's leadership in the open technology realm, drawing enthusiasts, businesses, and community members together in a celebration of open source principles.

Championing Accessibility and Engagement

SOOCon24 made a significant effort to ensure broad participation through affordably priced tickets, thanks to the generous backing of sponsors. This initiative reflects a deep commitment to making the event accessible, allowing a diverse group of participants to engage with the forefront of open source discussions and innovations.

Showcasing Open Source Leaders

The conference was illuminated by the presence of influential figures such as Andrew Martin, Amanda Brock, and Chi Onwurah MP, each offering profound insights into the open source movement.

Andrew Martin provided a compelling narrative on the crucial intersection of security and open technology, setting a forward-thinking agenda for the discussions.
Amanda Brock, CEO of OpenUK, extended a warm welcome to attendees, underscoring the organization's mission to champion open source innovation and leadership both within the UK and globally.

Chi Onwurah MP, in her "Open Innovation for the Nation" keynote, explored the symbiotic relationship between open source and public policy. She advocated for open innovation as a catalyst for democratizing technology access and fostering national development.

Fostering a Future of Open Innovation

SOOCon24 facilitated a dynamic exchange of ideas and principles, underscoring the pivotal role of open source in driving technological and societal progress. The conference's commitment to inclusivity and its initiatives to ensure widespread access set a new standard for technology events, fostering a more connected and collaborative open source community.

For more details on the conference and to delve into the range of topics discussed, visit The State Of Open Conference website.

OpenUK website.

This article is the first in the series of my articles about the conference. Please stay tuned.