Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Sourcefire VRT Certified Snort Rules Update 2015-01-27

From: "lists () packetmail net" <lists () packetmail net>
Date: Wed, 28 Jan 2015 22:45:47 -0600
On 01/28/2015 06:36 PM, Joel Esler (jesler) wrote:

What do I need to throw in there?


Again -- not hostile:

All of it?  Otherwise it's a false economy of information exchange?  IMHO if I
were your customer I'd rather pay you for what you can tell me tomorrow not
for what you withhold today unless I pay.  Transparency forges trusts,
increases FOV, polarizes peer review, and fosters community benefit.  Closed
signature-based models, while they have their market value, create a false
valuation around response to known threats and delude management and Info Sec
Ops into believing they're actually addressing security threats when they're
actually doing nothing more than validation of true-positive over
false-positive.  Positively polarize the community for good and you've
increased your FOV significantly.  I mean, seriously, this is Upatre -- who
hasn't seen a Dyre/Dridex campaign this week dropped by Upatre?

Upatre is similar to someone trying to break your door down using bottle
rockets and whistling petes.

Cheers,
Nathan

------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: