@dakami Taking extensive notes, and this is not a purely hypothetical by any means. Not sure if it will be a talk though. (it is reality)
Replying to @attritionorg
@attritionorg One caveat, I strongly prefer one 0day that works reliably against everything vs. 10,000 0days that I have to precisely target
Replying to @attritionorg
@attritionorg Man, it is *all* about the vectors. If there's some LibTIFF bug in a PHP install but I can't make it parse my img, no 0day
Replying to @attritionorg
@attritionorg @dakami so what you're saying is most of it is all FUD or what? Trying to follow this train...
Replying to @xxDigiPxx
@xxDigiPxx FUD? absolutely not. Dan just picked up on an important distinction. Maybe not 100k apps vuln, maybe "only" 10k?
Replying to @attritionorg
@attritionorg Thanks. Was just wondering if it was a poke at "the sky is falling" mentality, or focus on true attack surface and real 0days.
Replying to @xxDigiPxx
@xxDigiPxx This is no poke, this is true sociology and perception of value of vulns. Asking twitter because I don't know.
Replying to @attritionorg
@attritionorg If companies don't take it seriously, they only will when it costs them money or creates impact, so how do you "value" base it
@xxDigiPxx They may take it "seriously", but base decisions on scanners and VDBs.