Twitter | Pretraživanje | |
Julian Cohen
I hate when security folks say "attackers only have to win once, defenders have to win every time" because it's flawed thinking. Thanks for this: "Actually, an attacker can win everywhere and as a defender you only have to find them once"
16:58 - 27. ruj 2019.
Reply Retweet Označi sa "sviđa mi se" More
Aaron Grattafiori 28. ruj
Odgovor korisniku/ci @HockeyInJune @haroonmeer
💯
Prikaz razgovora · Reply Retweet Označi sa "sviđa mi se"
418: No Coffee 4 U 🤖 28. ruj
Odgovor korisniku/ci @HockeyInJune @dinodaizovi @haroonmeer
But you do have to find them, not just a IP or an addresd but physically lay hands on them & then make sure they are stopped Otherwise they will be back as someone else in no time
Prikaz razgovora · Reply Retweet Označi sa "sviđa mi se"
Matthew Hall 28. ruj
Odgovor korisniku/ci @HockeyInJune @haroonmeer
I suppose it depends on what your definition of “win” is. A single compromise might be a “win” which can be detected by blue team within time. Or it could be “I’ve been on your network for years without you noticing and left of my own terms”. Ymmv
Prikaz razgovora · Reply Retweet Označi sa "sviđa mi se"
D̒͂̕ᵈăᵃn̕ᶰ Ť̾̾̓͐͒͠ᵗe͗̑́̋̂́͡ᵉn̅ᶰtᵗl̀̓͘ᶫe̓̒̂̚ᵉrʳ 25. sij
Odgovor korisniku/ci @HockeyInJune @singe @haroonmeer
"defenders have to defend the whole castle and attackers only have to find one entrypoint to gain access" - true. but it gets turned on its head soon as the attackers get a shell: "attackers make ONE MISTAKE, and their entire c2 infra is burned and they have to rebuild"
Prikaz razgovora · Reply Retweet Označi sa "sviđa mi se"