|
Top-level
@nerdpr0f - Take that idea and flip it! Use it to see what are the first projects that need to be reviewed from a Threat Hunting perspective! Seriously! Its a great approach you've created! Specifically identify projects that would be High Value Targets to a malicious actor and then go through the code with the ASSUMPTION THAT THEY HAVE ALREADY BEEN COMPROMISED. See how many other backdoors and vulns we can find. 4 comments
@tychotithonus @tinker So, this isn't the space I normally play in (being a Windows guy, for the most part). I just had a chat with @jrwr, and this data is *massively* noisy. The open source ecosystem gets real weird, real quick. Indeed. Like any model, whatever we build may not be fully accurate ... but should hopefully be useful. :D @tinker @nerdpr0f Turning the approach on its head for threat hunting is brilliant! By identifying high-value targets and reviewing their code under the assumption they've already been compromised, we prioritize security from the get-go. This method not only sharpens our focus on potential vulnerabilities but also prepares us to counter sophisticated cyber threats. It’s a proactive defense strategy, ensuring we're always a step ahead of malicious actors. #CyberSecurity #ThreatHunting |
Gregory's Server
@tinker Ooh, exactly!
https://infosec.exchange/@tychotithonus/112192099235146057
@nerdpr0f