I generally think the analysis in the DBIR is poor and it assists in misleading enterprise defenders. Without further ado, here we go!
I'm going to live-tweet my observations about the 2016 Verizon DBIR as I read it. Judging by past years, it won't be pretty.
-
-
-
Oh cool, companies are getting worse at detecting breaches over time. This is my favorite graph every year.pic.twitter.com/UjPxhMvgRH
- 32 more replies
New conversation -
-
-
@alexhutton Here's some of my work from 2010: https://www.trailofbits.com/resources/exploit_intelligence_project_2_slides.pdf …, 2012: https://www.trailofbits.com/resources/mobile_eip_3.pdf … -
@alexhutton But I don't think this matters. 2016 DBIR has poor quality data and then fails to interpret it properly. It's misleading. - 1 more reply
New conversation -
-
-
@alexhutton I still have no idea who Brian is. I'm looking at text printed in the DBIR, citing data they got from Kenna. -
@alexhutton ... and the data is synthetic, and the accompanying analysis just counts aggregate numbers. It's the worst kind of analysis. - 1 more reply
New conversation -
-
-
@alexhutton Yeah, twitter sucks for this. Bottom line, I think DBIR can do better than aggregate vuln counting w/ IDS logs... -
@alexhutton Why not extract exploit use from incident data rather than import from Kenna? It's easier to map to patterns / groups that way. - 1 more reply
New conversation -
-
-
-
@chronic@thegrugq VDI is such a big trend that even AWS got in on it with a dedicated product offering: https://aws.amazon.com/workspaces/details/ … - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.