Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Businesses Can't Tell Good Bots from Bad Bots: Report
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
Joe Stanganelli
Joe Stanganelli,
User Rank: Ninja
11/28/2017 | 9:42:38 PM
Re: Good or bad bots?
@Dr. T: Not really. There are security software solutions and analytics that detect what kind of bot a bot is -- and whether it is a bad bot or a so-called "good" bot.
Joe Stanganelli
Joe Stanganelli,
User Rank: Ninja
11/28/2017 | 9:41:43 PM
Re: White Bot, Black Bot, Good Bot, Bad Bot
@Dr. T: Maybe you and I have different ideas of what kinds of bots we want to allow. I have no intention of letting marketers' bots in.

Whitelisting, in any case, goes to specific bots/APIs/etc. -- as opposed to general types.
Dr.T
Dr.T,
User Rank: Ninja
11/27/2017 | 12:52:56 PM
DevOPs Security?
 

"they don't integrate security into continuous application delivery?"

I do not know what they do then, are they delivering and deploying over the top?

 
Dr.T
Dr.T,
User Rank: Ninja
11/27/2017 | 12:50:16 PM
Re: White Bot, Black Bot, Good Bot, Bad Bot
I agree, the question is how we applied that analogy to bots technologies.
Dr.T
Dr.T,
User Rank: Ninja
11/27/2017 | 12:47:59 PM
Re: White Bot, Black Bot, Good Bot, Bad Bot
Are you a good bot or a bad bot?

This is a good idea, all the bots have to prove that they are good bots first.
Dr.T
Dr.T,
User Rank: Ninja
11/27/2017 | 12:46:16 PM
Re: White Bot, Black Bot, Good Bot, Bad Bot
"Whitelist"

Whitelist  would be a god option to keep. It may be a useful new bot such as delivering you the best cyber Monday deal. You want to allow that.
Dr.T
Dr.T,
User Rank: Ninja
11/27/2017 | 12:43:55 PM
Good or bad bots?
 

Good or bad bots? You would not know that until but executed so it is a little bit of a luck.
DonHarper
DonHarper,
User Rank: Apprentice
11/23/2017 | 4:41:54 PM
Re: White Bot, Black Bot, Good Bot, Bad Bot
Brilliant one ! 
agenpokeronline
agenpokeronline,
User Rank: Apprentice
11/22/2017 | 4:53:18 PM
Re: White Bot, Black Bot, Good Bot, Bad Bot
Nice one !
AutoEcole18
AutoEcole18,
User Rank: Apprentice
11/21/2017 | 5:48:58 PM
Re: White Bot, Black Bot, Good Bot, Bad Bot
Nice one !
Page 1 / 2   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Creating an Effective Incident Response Plan
Security teams are realizing their organizations will experience a cyber incident at some point. An effective incident response plan that takes into account their specific requirements and has been tested is critical. This issue of Tech Insights also includes: -a look at the newly signed cyber-incident law, -how organizations can apply behavioral psychology to incident response, -and an overview of the Open Cybersecurity Schema Framework.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-43705
PUBLISHED: 2022-11-27
In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 (November 2016).
CVE-2022-45934
PUBLISHED: 2022-11-27
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
CVE-2022-45931
PUBLISHED: 2022-11-27
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/UserStore.java deleteUser function is affected when the API interface /auth/v1/users/ is used.
CVE-2022-45932
PUBLISHED: 2022-11-27
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/RoleStore.java deleteRole function is affected when the API interface /auth/v1/roles/ is used.
CVE-2022-45933
PUBLISHED: 2022-11-27
KubeView through 0.1.31 allows attackers to obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication, and retrieves certificate files that can be used for authentication as kube-admin. NOTE: the vendor's position is that KubeView was a "fun side proj...