I'm a VZ DBIR fan, but @attritionorg raises impt questions about the vuln data. Solid answers could help everyone! https://blog.osvdb.org/2016/04/27/a-note-on-the-verizon-dbir-2016-vulnerabilities-claims/ …
@SpireSec @SushiDude they qualify "successful exploits" as matching the sig with SIEM data showing it was successful, FWIW
@attritionorg @SushiDude I'm guessing maybe the vulns in dbir are the successful ones that lead to breaches rather than blocks/infections.
@SpireSec @SushiDude except, one of the top 10 is a remote DoS
@attritionorg @SushiDude oops, right. Forgot they incorporate those... but same concept.
@SpireSec @SushiDude also have a feeling the 1 local symlink priv esc on the top 10 list would be pushing it in that context
@attritionorg @SushiDude yup, just guessing but @mroytman may have answers...
@SpireSec @attritionorg @SushiDude hello friends. Blog post is the right medium - thorough response coming soon.