Is making anonymized information on threats public really a lot different from sharing with some vetted private groups when it comes to intentionally or unintentionally disrupting that threat?
Show this thread
If an intrusion campaign is discovered and detected by a security vendor, is withholding a posthumous publication preventing others to defend? Is that just competive advantage or turning “proprietary” some information that should really be available to the entire community?
-
-
-
Is it really the role of the private sector to determine which threats should have the privilege of being kept secret, and particularly what are the true (current and future) intentions of the threat actor?
Show this thread -
And yes I pose the previous questions fully aware that the intent of most publications isn’t some altruistic effort for collective safety, but it’s just marketing and PR value.
Show this thread
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.