[Dailydave] How do I defend against 0day?
Richard Bejtlich
taosecurity at gmail.com
Mon Apr 20 19:58:23 EDT 2009
On Sun, Apr 19, 2009 at 4:55 PM, Jeffrey Czerniak <jeffcz at gmail.com> wrote:
> (Moved this conversation to dailydave per Dave's suggestion)
>
> Pardon my naivete... I am somewhere on the spectrum between "paid
> security professional" and "Symantec said zero infections, how did
> they get my bank password?" I'm one of those schmoes who reads
> security blogs, follows the NSA hardening guidelines, patches
> regularly, browses with Firefox/NoScript, but still realizes that
> there are 0day threats out there that could compromise my machine.
>
> On Twitter, Adam Shostack argued that in effect, I'm doing the right
> thing. (http://twitter.com/adamshostack/status/1527933467)
>
> Dave responded, no, 0day is rampant and I'm screwed.
> (http://twitter.com/daveaitel/status/1553055665)
>
> When I asked Dave what I should be doing to protect myself, he
> suggested I buy a copy of CANVAS, an Early Updates subscription, and
> take a class from Immunity.
> (http://twitter.com/daveaitel/status/1554813723)
I find this fascinating. Can someone who advocates this point of view
take the next steps? Assuming you buy CANVAS and subscribe to EU, and
know what Immunity knows, and can test using CANVAS, what next?
Thank you,
Richard
More information about the Dailydave
mailing list