Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

Originally Seen On Algorithmia, via Prooffreaderswhimsy!

Anti-Exfil: The Is-Self, Not-Self Solution?

November 28, 2018 by Marc Handelman in Security Inventions, Security Prophylaxis, Security Tooling, Security Vendors, Security Controls, Security Canary, Security Bloviation

via Karen Hao, writing at MIT's Technology Review magazine, reports on a relatively new-and-novel security product monikered Darktrace.

Here's the quote from the organization's co-CEO Nicole Eagan, describing her company's product:

"It’s very much like the human body’s own immune system," says the company’s co-CEO Nicole Eagan. "As complex as it is, it has this innate sense of what’s self and not self. And when it finds something that doesn’t belong—that’s not self—it has an extremely precise and rapid response." - via a report from Karen Hao, writing at MIT's Technology Review

The description of this product is a nearly perfect example of Security Bloviation - and certainly ranks in the top 5% of bombast relating to a company's solution to a difficult problem.

Predicated on my understanding of this product, that is, the functionality deployed (in the effort to foil exfiltration of sensitive (and otherwise) bits), is all about 'algorithmic-based unsupervised-learning', rather than misplaced New Age conceptual witticism attaching some amorphous cognitive "innate" behavior to an agglomeration of bits.

In reality, the product probably works as advertised, regardless of the questionable description proffered by the 'co-CEO'. For me - and many of my Information Security meatspace colleagues, the question is, how long will the product work (until it-too is gamed by our miscreant adversaries) and with what definable level of efficiency?

November 28, 2018 /Marc Handelman
Security Inventions, Security Prophylaxis, Security Tooling, Security Vendors, Security Controls, Security Canary, Security Bloviation

Credit: Unknown

Pwnd

August 11, 2014 by Marc Handelman in SSL / TLS, Intelligence, Network Security, Blatant Stupidity, Malware, Physical Security, All is Information, DevOps, Cryptography, Security Prophylaxis, Sarcasm, Humor, Information Security


 

Today's BlackHat Las Vegas 2014 news brings the annual security confabs' bestowment of the Pownie awards; so, without further ado, examine Sophos' take on the award.  So apropos.

August 11, 2014 /Marc Handelman
SSL / TLS, Intelligence, Network Security, Blatant Stupidity, Malware, Physical Security, All is Information, DevOps, Cryptography, Security Prophylaxis, Sarcasm, Humor, Information Security

DDoS, Prophylaxis

June 18, 2014 by Marc Handelman in Information Security, Security Prophylaxis

via venerable CircleID, by contributor Jag Bains, comes a thorough, targeted examination of the varied distributed denial of service protection capabilities currently touted in the marketplace. Highly recommended and a mercifully short read, today's Must Read selection.

"The dirty little secret is, many DDoS attacks are perpetrated by your competitors. The attackers sometimes will target numerous competitors at once and do it at the worst time possible." - CircleID's Jag Bains
June 18, 2014 /Marc Handelman
Information Security, Security Prophylaxis