[Dailydave] How do I defend against 0day?
Nathan Landon
nathan.landon at digitaloperatives.com
Mon Apr 20 22:02:13 EDT 2009
My argument would be that a security guy or administrator could use it as
amplifying information while speaking to executives at their
company. Executives (still) don't understand zero-days, or generally
anything about how computer security works.
CANVAS can help those IT folks amplify the information and demonstrate the
importance of taking action (disabling services, changing vendors, buying more
security technologies, etc.).
I personally have built exploits to prove that something is possible.
Ultimately to show the potential for catastrophic failure or system/network
compromise. These demonstrations always got executives "thinking".
Nate
Nathan Landon
Digital Operatives
www.digitaloperatives.com
Cell: 808-221-9172
On Mon, Apr 20, 2009 at 7:58 PM, Richard Bejtlich <taosecurity at gmail.com> wrote:
> On Sun, Apr 19, 2009 at 4:55 PM, Jeffrey Czerniak <jeffcz at gmail.com>
> wrote:
> > (Moved this conversation to dailydave per Dave's suggestion)
> >
> > Pardon my naivete... I am somewhere on the spectrum between "paid
> > security professional" and "Symantec said zero infections, how did
> > they get my bank password?" I'm one of those schmoes who reads
> > security blogs, follows the NSA hardening guidelines, patches
> > regularly, browses with Firefox/NoScript, but still realizes that
> > there are 0day threats out there that could compromise my machine.
> >
> > On Twitter, Adam Shostack argued that in effect, I'm doing the right
> > thing. (http://twitter.com/adamshostack/status/1527933467)
> >
> > Dave responded, no, 0day is rampant and I'm screwed.
> > (http://twitter.com/daveaitel/status/1553055665)
> >
> > When I asked Dave what I should be doing to protect myself, he
> > suggested I buy a copy of CANVAS, an Early Updates subscription, and
> > take a class from Immunity.
> > (http://twitter.com/daveaitel/status/1554813723)
>
> I find this fascinating. Can someone who advocates this point of view
> take the next steps? Assuming you buy CANVAS and subscribe to EU, and
> know what Immunity knows, and can test using CANVAS, what next?
>
> Thank you,
>
> Richard