Tip to CISOs - every time you hear the phrase "defenders need to move at machine speed", drink.
-
Tip to CISOs - every time you hear the phrase "defenders need to move at machine speed", drink. It's AI sales speak for "buy our magic box".
-
Tip to CISOs - every time you hear the phrase "defenders need to move at machine speed", drink. It's AI sales speak for "buy our magic box".
Yes, it's true, some attackers use GenAI tools to make phishing emails or spit out Powershell. Based on existing attacks. That your existing controls should cover, as it's a repeat of existing attacks.
Vendors just need to do their jobs, not milk customers like it's a farm.
-
Yes, it's true, some attackers use GenAI tools to make phishing emails or spit out Powershell. Based on existing attacks. That your existing controls should cover, as it's a repeat of existing attacks.
Vendors just need to do their jobs, not milk customers like it's a farm.
@GossiTheDog >> Vendors just need to do their jobs, not milk customers like it's a farm.
As far as they’re concerned that *is* their job.
-
Yes, it's true, some attackers use GenAI tools to make phishing emails or spit out Powershell. Based on existing attacks. That your existing controls should cover, as it's a repeat of existing attacks.
Vendors just need to do their jobs, not milk customers like it's a farm.
@GossiTheDog But Kevin, think of the shareholders!
-
Tip to CISOs - every time you hear the phrase "defenders need to move at machine speed", drink. It's AI sales speak for "buy our magic box".
@GossiTheDog that magic box will contain a couple of new files, mostly ending in .png and .ico because of a recent buy, and stacks of often decades old and unmaintained open source python, perl and bash with some glue code from the first startup developers who threw it together years ago running on a years old Linux or freeBSD OS.
Doing regex matching and some string parsing.
But you’ll recognise the name and logo, so you’ll feel good about it.
-
@GossiTheDog that magic box will contain a couple of new files, mostly ending in .png and .ico because of a recent buy, and stacks of often decades old and unmaintained open source python, perl and bash with some glue code from the first startup developers who threw it together years ago running on a years old Linux or freeBSD OS.
Doing regex matching and some string parsing.
But you’ll recognise the name and logo, so you’ll feel good about it.
@avuko @GossiTheDog Don't forget that the magic box will have at least two different webservers installed, one proxying for the other, introducing funny double encoding bugs, RewriteMaps that fork shell scripts and all of their legacy bugs.
That's enterprise functionality!
-
@avuko @GossiTheDog Don't forget that the magic box will have at least two different webservers installed, one proxying for the other, introducing funny double encoding bugs, RewriteMaps that fork shell scripts and all of their legacy bugs.
That's enterprise functionality!
@christopherkunz @avuko @GossiTheDog no healthy upstream
-
@christopherkunz @avuko @GossiTheDog no healthy upstream
@768kb @avuko @GossiTheDog No healthy downstream either. All unhealthy (and possibly backdoored).
-
Yes, it's true, some attackers use GenAI tools to make phishing emails or spit out Powershell. Based on existing attacks. That your existing controls should cover, as it's a repeat of existing attacks.
Vendors just need to do their jobs, not milk customers like it's a farm.
@GossiTheDog Too late. Customers have already outsourced their thinking to the vendor.
-
R ActivityRelay shared this topic
