|
|
|
|
|
|
by wepple
3505 days ago
|
|
|
I agree that rolling back an image to a "known good" state is not the appropriate solution; if you can do it efficiently, what's stopping you from doing it very regularly? Attacking a system that disappears and restarts on a regular basis is a nightmare for current attackers; it's not something that they have the tooling to deal with yet. I believe some of these ideas were discussed by Dino Dai Zovi in a talk[1] he did which combined a whole bunch of rather out of the box ideas on defense. [1] https://www.youtube.com/watch?v=_A6Y62AcQ2g |
|
|