[Dailydave] APT

Moses Hernandez moses at moses.io
Tue Mar 11 18:18:34 EDT 2014 

Something caught my eye:

  "He emphasizes the role of encryption to defeat many defensive tools, but
ignores that security and   information technology architects regularly
make deployment decisions to provide visibility in the presence   of
encryption."

Meta Data matters, even just the patterns that are used in transmitting
data could matter. There potentially could even be signature matching on
protocols like voip that could give attackers a signature to match to a
person. An argument could be made that Meta Data matters to some people at
some level. Encryption is only a finite means to an end. If intelligence
data and its importance only has a finite life then encryption may be good
enough for the moment that it is needed for. At the same time, you can from
a defense point of view understand that bad stuff is happening even if
encryption is used.

As for the comments above, if I have learned anything in my career it is
that I have only been that much better because I have had to be on both
sides and have had my offensive skills influence and feed my defensive
skills. The same can almost perfectly said of the inverse.

Oh and

 "Look, Richard Beitlitch thinks I don't know anything about
"Strategy"<http://taosecurity.blogspot.com/2014/02/the-limits-of-tool-and-tactics-centric.html>
."

I will be the first to admit, compared to someone who has lived and
breathed warfare, I don't know If I could claim I know anything about
strategy. What I can tell you is this, we need better tools to go hand in
hand with 'people and process', so I'm excited to see Innuendo in action.

m
@mosesrenegade

Full Disclosure: The opinions here do not reflect the opinions of my
Employer.



On Tue, Mar 11, 2014 at 12:28 PM, Justin Seitz <justin at immunityinc.com>wrote:

> Weird I couldn't see Richard's response through all the marketing for
> his products and books. Must have been the thick cloud of big data APT
> threat intelligence in the way.
>
> I guess I also find it funny that there are a number of defense folks
> who love to use/paraphrase this statement Richard makes:
>
> "First, I recognized that it's written by someone who is not responsible
> for defending any network of scale or significance."
>
> Right. Offensive firms (you all should be pissed by this statement by
> the way) are not responsible for defending networks. Period.
>
> Posts like this, Richard, are why I turn off Twitter by 9am most days.
>
> Justin
>
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunityinc.com
> https://lists.immunityinc.com/mailman/listinfo/dailydave
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20140311/3756d620/attachment.html>

More information about the Dailydave mailing list