• thesmokingman
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      1 year ago

      The article explicitly talks about social engineering. If you’ve solved social engineering for the positions I listed, you have effectively ended the need for most security solutions. Yes, we can mitigate its effects, but no, watching doesn’t prevent it which was the context of this thread.

        • thesmokingman
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          You have to define adversary objectives then separate those from normal behavior. Again, you haven’t solved the problem raised in the thread. How are you, a highly paid cyber security professional, going to prevent social engineering from allowing privilege escalation and negative outcomes ranging from fraudulent invoices to knowledgeable, intentional use of applications following expected behavior?

          Read the article.