|
|
|
|
|
|
by pixl97
10 days ago
|
|
|
It works because there are multiple companies doing it and double checking the results. For example, is a crypto miner actually an attack? If the package presents itself as a miner, then no. Is connections to other repositories an attack? Again, depends on what the package does. Connections to some other hostname? Depends. There is still a lot of human analysis that occurs in making the call that an attack is occurring. |
|
|