← @kwm Twitter archive



Wherever you stand on the OST debate: The availability of offensive security tools for signals analysis, creation of detection analytics is beneficial.

Cobalt Strike stands alone in Australia's disclosure as the tool withheld from vendors, but widely available to adversaries.

6/19/2020, 8:34:30 AM

Favs: 33

Retweets: 3



Withholding OSTs from vendors--as opposed to "defenders" in general--matters because vendors are in the unique position to detect once and defend millions.

Making tools selectively available to researchers, enterprise simply doesn't have the same impact.

6/19/2020, 8:48:22 AM

Favs: 2

Retweets: 0