so, help by strong email filtering (main gateway). and then add in DNS and web filtering. and if you are serious... app control (free, like applocker, or fast and featureful like airlock digital) AC-HUNTER to pickup the beaconing when all else fails

Watching Patrick Gray recorded live at AISA Cybercon, this is great :)

Recent recorded AusCERT presentation by David Cottingham on *Practical Allowlisting* (aka appcontrol/whitelisting). Includes objectives, maturity, challenges, trust decisions and key requirements including Q&A. Vendor independent - I promise: youtube.com/watch?v=lsl0vf…

Discussed attackers' temptation to use custom code, lateral movement and living off the land in an allowlisting context with Patrick and David Cottingham on this weeks Patrick Gray podcast. overcast.fm/+It0j4EJEU

Come say Hi tomorrow at the Blackhat expo hall tomorrow. Home of the offical Patrick Gray sticker 😂

A Where’s Wally for the Patrick Gray sticker on the Defcon sticker wall.

Feels too soon to be getting back on the plane after BH/DC, but looking forward to CrowdStrike fal.con23 next week. Swing past our booth and say Hi :)

Fantastic to see public recognition of Airlock Digital as the #1 popular listing in the CrowdStrike marketplace marketplace.crowdstrike.com

The “Allowlist Auditor” from Airlock Digital is great to highlight the current state of allowlisting on endpoints. Includes tests for execution (exe, dll, PS1, CPL and others) in common locations, and an audit for existing allowlisting solutions. airlockdigital.com/application-wh…

Here's the reality: We need to shift focus away from relying on detection + response to catch and stop ransomware/extortion actors and toward preventative/blocking means. There simply is no viable alternative if we're going to make substantial progress at societal level here.

Application allowlisting is the future for all security consciousness organizations that have any significant resources. It's just a matter of how and when any particular org will adopt it.

Great to see another live Patrick Gray fantastic analysis as always

Really exciting milestone to have the whole company together in Adelaide this week, cooking up the next chapter :)