[uncomputation]

Yes. No one likes a sore winner. Providing your customers with assurances? Good. Providing tips to Okta customers? Sure. Publicly chastising another company you do business with? Unnecessary. That should be kept private. Just my opinion

[toomuchtodo]

I am responsible for spending several hundred thousand dollars a year with Cloudflare (out of my budget). I like this style. Don’t want to get called out, get your org fixed. This is somewhere between the third and fifth breach, depending on how you’re counting.

[landemva]

Are you going to move your spend, or is having a 3rd party sling words good enough for you?

[toomuchtodo]

Edit: removed for subthread cleanup.

[landemva]

My bad ... cf not okta.

[tchbnl]

This is the _second_ time this has happened, and it's clear Octa hasn't learned any lessons. So Cloudflare is right to call them out, and Okta should be embarrassed. What surprised me about this post is that they didn't say they were dropping them. Okta is a vulnerability to any organization.

[forkerenok]

> Publicly chastising another company you do business with? Unnecessary.

I think this makes more sense for strategic business partners. In the Cloudflare-Okta case I'd wager that their relationship is fairly transactional.

[StressedDev]

I am not sure I would call CloudFlare a “winner” in this case. They did not win anything by getting hacked.

[Kinrany]

They do win some points on having better security than a popular security product, considering Cloudflare's own security posture is also quite important to their customers.

[StressedDev]

Agrees - CloudFlare and its employees did outstanding work. My main point was calling CloudFlare a sore winner did not make sense because they did not win anything.

Also, I think CloudFlare’s blog post was very good.