If anyone is wondering where the vuln data on pages 13-16 of the 2016 DBIR came from, it's IDS signatures.https://twitter.com/mroytman/status/589077391219167232 …
-
-
Replying to @EdwardsCP
@EdwardsCP@mroytman@raesene@VZDBIR@riskio Not sure how "correlation with open vulns" works. Implies a scanner too, maybe?1 reply 0 retweets 0 likes -
Replying to @EdwardsCP
@EdwardsCP@dguido@raesene@VZDBIR it is correlated with a vuln scanner, and IOCs post data from alienvault and Dell MSP.3 replies 0 retweets 1 like -
Replying to @mroytman
@mroytman@EdwardsCP@raesene@VZDBIR ok, so scanner detects vuln, then IDS later detects exploit heading to same server = exploited2 replies 0 retweets 1 like -
Replying to @dguido
@dguido@EdwardsCP@raesene@VZDBIR Publishing a follow up post with detailed methodology Monday too long for Twitter2 replies 0 retweets 2 likes -
Replying to @mroytman
@mroytman@EdwardsCP@raesene I know, I want to go to sleep too. I'm glad you're discussing origins, looking forward to the post but...1 reply 0 retweets 1 like -
Replying to @dguido
@mroytman@EdwardsCP@raesene ... my comment on fig11 was one of about 40 on the entire report. I'm not singularly concerned with only it.1 reply 0 retweets 1 like
@mroytman @EdwardsCP @raesene this twitter thread just went down a very specific and narrowing hole and now here we are discussing 3 pages
-
-
Replying to @dguido
@mroytman@EdwardsCP@raesene ok I'm out, 4am in Germany.0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.