Hackers continually scan prospective targets looking for vulnerabilities.
What if we analysed each request in real time and generated a reply to indicate we were vulnerable, when in actuality we are not.
The external hacker will try to exploit these false positives and give us, on the defensive team, more time to analyse thier attacks and gather evidence while not having to worry about the risk of the hacker being successful.
This will also help to hide the real vulnerabilities we may have in an ocean of false ones.
No comments:
Post a Comment