Also, a defence-in-depth strategy is required for any larger organisation. Monitoring network traffic to the internet, patch management, web screening, etc. You'll never get to 100% but additional layers can soon create a pretty secure environment.
That's a good thing, if you have to pull off an impressive attack that Martjin would say is "outside of our threat model", then wonderful! The alternative is just mail a new exe and get a shell, which AV vendors would say "well, nobody's perfect!".
Hey, there's a difference between "outside your threat model" and "not featuring prominently in your threat model". For most (not all!) users "opening attachments in spam" features more prominently than "nation state leveraging AV vulnerabilities".
And again, I like a whitelisting based approach. I've recommended iPhones to people who are high value targets for that reason (though I have an Android phone myself). I'm totally fine with more orgs discovering this approach to security.
