Join us for the Honeynet Workshop 2024: May 27th–29th, Copenhagen, Denmark

Debating the Active Response Continuum: Defining the Terms of the Debate

28 May 2013 David Dittrich active-defense active-response-continuum aggressive-network-defense hack-back
[This post expresses the personal opinion of the author and is not an official statement representing the Honeynet Project.] At the AusCERT 2013 conference, Dmitri Alperovich called for debate about, “the kinds of actions that infosec professionals are allowed to take against attackers.” I agree with Dmitri, and in fact I made the same call, at the same conference on May 23, 2005! (AusCERT invited me to speak on an emerging topic and I chose to speak for the first time publicly at AusCERT 2005 about the Active Response Continuum research I had been doing with funding from Cisco.

No, Executing Offensive Actions Against Our Adversaries Really Does Have High Risk (Deal With It)

10 Dec 2012 David Dittrich active-defense active-response-continuum counter-attack crowdstrike ethics hack-back
This is a response to a CSO Online blog post by Jeff Bardin ("Caution: Not Executing Offensive Actions Against Our Adversaries is High Risk," November 2012.), which is a rebuttal to a blog post by Jody Westby on Forbes online (“Caution: Active Response to Cyber Attacks Has High Risk.”) Mr. Bardin is obviously playing on words in the title and I seriously doubt he believes that it is higher risk to not take aggressive actions than is to do so.