bricebryce asked: Does your company upload any malware you find to offensive computing?
Thank’s for the question! We haven’t so far, but it’s certainly possible. Our client honeypot systems crawl known malicious sites and are constantly encountering new (and old) malware, but we use the data primarily for ranking the real world severity of snort, log, and service events that are produced during the crawling. We do keep the payloads though (and do use them for testing our upcoming file-carving system and virustotal integration), at least for some time, and we’d like to learn more about offensive computing if our efforts could help to benefit the community.
Tweet
