Back when I did Black Ice, the first IDS event it triggered on was “traffic seen”. It continuously checked it’s healthhttps://twitter.com/GossiTheDog/status/1143636007218290688 …
-
Show this thread
-
Replying to @ErrataRob
Sorry, but I disagree. The only possible reason AV health could make a difference is if you have users who can and will run arbitrary untrusted code. Don't rearrange deck chairs on the titanic, figure out how you're going to deploy AppLocker or Bit9 or equivalent.
8 replies 3 retweets 30 likes -
Replying to @taviso @ErrataRob
Okay but first deploy 95% protection with a few mouse clicks
2 replies 0 retweets 12 likes -
Replying to @SwiftOnSecurity @ErrataRob
You polish that
. You and I both know that if antivirus is the only thing standing between attackers and your network, you sure as hell are not 95% secure.1 reply 1 retweet 8 likes -
Replying to @taviso @ErrataRob
Tavis I’m a Windows admin all I do is polish turds.
1 reply 2 retweets 46 likes -
2 replies 0 retweets 5 likes
Eh, doesn't have to be that way, AppLocker is part of Windows. You can build a secure windows network. The first step is not claiming you're 95% secure because you installed mcafee 
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.