Back when I did Black Ice, the first IDS event it triggered on was “traffic seen”. It continuously checked it’s healthhttps://twitter.com/GossiTheDog/status/1143636007218290688 …
-
Show this thread
-
Replying to @ErrataRob
Sorry, but I disagree. The only possible reason AV health could make a difference is if you have users who can and will run arbitrary untrusted code. Don't rearrange deck chairs on the titanic, figure out how you're going to deploy AppLocker or Bit9 or equivalent.
8 replies 3 retweets 30 likes -
Replying to @taviso @ErrataRob
Hey, network defender here. Deploying application whitelisting at enterprise scale is hard. Not quite as hard as getting Microsoft to patch that DoS vuln of yours...but it ain’t easy. In some cases, it’s flat out infeasible.
1 reply 0 retweets 0 likes
Nobody claimed it's easy, it's hard, but you need to make it feasible! Think of it like this, switching from homeopathy to antibiotics at scale is hard, but you sure as hell better make it work, because one of those things actually works.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.