Oh yeah! If you have not read Gary's article on "active defense" you really should.
One quote from the article, "When the Washington Post publishes a story hyping an ill-considered notion of cyber-retaliation misleadingly called "active defense" as a rational idea, we should all worry."
Another take on this from the HP Blog, says: "s a strategy for an enterprise, "going on the offensive" is, I believe, small-minded. here's why. With so many difficult factors to consider which I'll discuss in a minute, it's really hard to allocate resources to offensive strategy. Let's take even one more step backwards, first. When thinking about offensive security measures as a means of digital defense, we have to ask ourselves what the return on effort is. What is there to gain?"
This may all be about guerrilla marketing, an article in Reuters quotes former FBI agent Shawn Henry, how has joined CloudStrike: ""Not only do we put out the fire, but we also look for the arsonist," said Shawn Henry, the former head of cybercrime investigations at the FBI who in April joined new cyber security company CrowdStrike, which aims to provide clients with a menu of active responses.
Let's give HBGary, the last word. I think their approach to Active Defense is a bit more sane. "Armed with advanced enterprise threat intelligence provided by Active Defense, organizations can quickly gather critical evidence to contain the threat, locate compromised machines, and assess damage. For example, one can use its IDS to detect additional infected machines, data exfiltration can be blocked at the egress firewall, and malware can be cut off from Command and Control servers."
No comments:
Post a Comment