← @kwm Twitter archive



@DanielGallagher With few exceptions, malware campaign takedowns lack value.

A takedown may costs 100s or 1000s of man hours, and to respawn infrastructure costs the actor nothing.

Sharing detection and simulation info can protect many.

Openly sharing mitigation info can protect the most.

1/2/2018, 2:59:14 PM

Favs: 1

Retweets: 0



@DanielGallagher While it would be great to see more energy spent on interdiction, creating policies that allow open sharing of information related to testing and detection would have a huge impact, lower cost.

The promised land: An increase in applied research related to mitigation.

1/2/2018, 3:02:47 PM

Favs: 4

Retweets: 2