-
No, we need to step back and work on critical infrastructure not being so damn brittle in the first place! Constant patching is a kludge. @pwnallthethings/863539048077512704
-
1. Proper network and system level compartmentalization 2. Code level defenses (secure languages, compilers, static and dynamic checks) 1/3
-
3. Runtime level defenses (hardware, kernel, runtime environment) 4. Updates/patching without downtime (probably still loses some state) 2/3
-
5. Constant monitoring (automated collection and filtering, manual escalation) 6. Response (incl. legal) Yes, all cost money and time. 3/3