Back when I did Black Ice, the first IDS event it triggered on was “traffic seen”. It continuously checked it’s healthhttps://twitter.com/GossiTheDog/status/1143636007218290688 …
-
-
Okay but first deploy 95% protection with a few mouse clicks
-
You polish that
. You and I both know that if antivirus is the only thing standing between attackers and your network, you sure as hell are not 95% secure. - 7 more replies
New conversation -
-
-
Make sure you have another job lined up for when your CEO realizes you locked out his stock market ticker app.
-
Yes, you should have another job lined up, because that could have been easily avoided with a deployment plan - you do a rollout in audit mode first before you enable enforcing

- 6 more replies
New conversation -
-
-
Hey, network defender here. Deploying application whitelisting at enterprise scale is hard. Not quite as hard as getting Microsoft to patch that DoS vuln of yours...but it ain’t easy. In some cases, it’s flat out infeasible.
-
Nobody claimed it's easy, it's hard, but you need to make it feasible! Think of it like this, switching from homeopathy to antibiotics at scale is hard, but you sure as hell better make it work, because one of those things actually works.
End of conversation
New conversation -
-
-
Number one reason AV deployment required: outdated audits requirements like FedRAMP, PCI, etc.
-
I think it's not a good excuse, any competent auditor will accept that AppLocker fulfills that requirement.
- 1 more reply
New conversation -
-
-
Holy shit I thought I was the only person in the whole heckin world who still says this phrase ("deck chairs..."), everyone looks at me like I'm crazy
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
