Keith

@kwm

@HackingLZ MITRE ATT&CK evals, sometimes used as a punchline, are an example of what's possible on the tech side: In *most* cases, signal exists to detect most activity.

But this level of noise is operationally untenable for *most* teams. So the vendor gets beat up re: the noise floor.

11/18/2023, 10:07:02 AM

Favs: 2

Retweets: 0

Keith

@kwm

@HackingLZ I think that important classes of attack, particularly those that bypass widely adopted solutions, end up seeing the light of day despite restrictive licensing.

Good red teams get enough reps, insight that they can shine a light on issues w/o doing full product pressure-tests.

11/18/2023, 10:14:55 AM

Favs: 0

Retweets: 0