Would you rather have 10 0-day, or 10,000 vulns that were technically public, but no VDB or vuln scanner knew about? Justify your answer.
@seccubus Theoretically you can. Reality, you can't know when a vuln lib is used in something you have deployed, and don't realize.
@attritionorg just read up on your trail with Dan. Dealing with unknown unknowns requires resiliency iso security.
@seccubus 10 oday = unknown unknowns. how about the 10k "unknown knowns" =)
@attritionorg 1 hole can sink a ship, but plenty of ships have holes and cross the ocean.
@seccubus you think that of the 10k holes, a few aren't as big as the 'sink' ones?
@attritionorg that's why I believe in solutions like #bromium have the future, and av is losing the race.
@seccubus these are classic vulns, not malware/virus. you wouldn't expect AV to catch any of them.
@attritionorg av never spots vulns, just exploits. However it can only spot known exploits, so helpless in either case.