After thinking about this for a day, I bet the short term for Immunity at Cyxtera looks a lot like the Microsoft Cloud Red Team.https://twitter.com/dguido/status/950374973830520832 …
-
Show this thread
-
e.g., Every datacenter client gets an automated Innuendo assessment, and VIP clients gets hands-on review from a consulting team.
@ram_ssk &@sachafaust from@InfiltrateCon 2015 comes to mind.https://vimeo.com/1332924222 replies 3 retweets 3 likesShow this thread -
Methods for the USG to "extend a security blanket" over domestic IT infrastructure has been a recurring topic in
@daveaitel's keynotes over the years, too. (I'm having trouble finding a reference now, but I know it's come up more than once)1 reply 1 retweet 0 likesShow this thread -
Replying to @dguido @daveaitel
First of all, congratulations
@daveaitel and team! Cyxtera made a fantastic move to include your talented team in the portfolio! I am going to pile on a couple of reasons, to Dan's incisive analysis, as to the why having an automated pentest/vuln tech gives the company an edge1 reply 1 retweet 3 likes -
Reason 1: Labelled data. Behavorial detections need lots (think lots) of different e.g.s of attack data, to do well in practice. What better way to produce attack data than an automated attack agent?
1 reply 2 retweets 0 likes -
Reasn 2: Diversity of attacks. We not only need labels, but different kinds (else we can easily automate Powersploit) - which I am also hoping your system will bring to the table.
1 reply 0 retweets 0 likes -
Reasn 3: A nice test box. We not only need diversity +labels, but also a environment to continuously test. AlphaGo worked bcos it could play Go million times with itself. An automated defense system (like
@MSwannMSFT ETW system) needs an automated attack agent for self play!1 reply 2 retweets 1 like -
So, for the aforementioned, by acquiring Immunity, I predict Cyxtera's defense will get better. If not, they are not reaping the full potential of these amazing engineers!
1 reply 1 retweet 1 like -
Oh
@dguido and@daveaitel - Does this mean, my dreams of holding an "ML for Red Teaming" tutorial at your conference is quashed? Hopefully, that good deed continues to happen!1 reply 0 retweets 0 likes
I'm sure you can come and speak at @InfiltrateCon or @EmpireHacking any time on that topic! Thanks for your thoughts, they were very insightful.
-
-
Replying to @dguido @daveaitel and
Oh man! Thanks for your kind words, Dan!
0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.