In the past I posted what I called a law of a threat hunter, but thought we could probably generalize and expand it a bit more, and in the end I came up with this list:
The law of a threat hunter
For every two most distant technologies there exist a developer that will bring them together.
The law of an end user
The end user is not a security control.
The law of a mind blowing / disrupting product / service offering
Congratulation on your Quality Assessment of an unfinished product opportunity.
The law of a vendor promise
It works in our lab. We have it on our roadmap. Defo in our next release.
The law of a infosec certification
You are certified to have a certification.
The law of an infosec advice
It’s most of the time a subjective, biased opinion.
The law of an Infosec Though Leader
The law of a novel cyber idea
McAfee did it first.