PoC Exploits Do More Good Than Harm: Threatpost Poll
2020-01-22 11:01

Last week, Threatpost conducted a reader poll and almost 60 percent of 230 security pundits thought it was a "Good idea" to publish PoC code for zero days.

Joseph Carson, chief security scientist at Thycotic, told Threatpost that while he thinks PoC exploits can have a positive impact, "It is also important to include what defenders can do to reduce the risks such as methods to harden systems or best practices."

Like Thaxton, say that PoC exploit advocates fail to recognize the complexity of patching large environments: "I believe the release of PoC code functions more like an implied threat to anyone that doesn't patch: 'You'd better patch ... or else,'" he said. "This kind of threat would likely be unacceptable outside of the infosec world. This is even more obvious when PoCs are released before or alongside a patch for the vulnerability."

Beyond the release of the Citrix PoC code, a slew of other PoC exploits were released last week, including ones for a recently patched crypto-spoofing vulnerability found by the National Security Agency and reported to Microsoft; and another for critical flaws impacting the Cisco Data Center Network Manager tool for managing network platforms and switches.

Gold, for his part, argued that distinguishing a fine line between a theoretical vulnerability and a successful exploitation of a real system makes all the difference when it comes to PoC exploits versus active exploits.


News URL

https://threatpost.com/poc-exploits-do-more-good-than-harm-threatpost-poll/152053/