Why spend time on such an “unexciting” topic of developing Windoze sensor?
Windows is still the most widely attacked target. After seeing so many recurring patterns from “technical analysis” of infiltrations (yes, I read offensive source-codes when I can’t sleep) & cases, it is frustrating to a point that I want to solve this personally!
Why give Free Endpoint Defense & Response away free?
- Not really to compete with commercial offerings. I don’t really see a competition, in fact my stuff can protect existing COTS EDR investments. Free evasive-payload generators can evade paid EDR (D for Detect-then-React whereas my D is Defense, or more specifically DISRUPT without chasing after “bad”), but my free stuff can stop that. Ironic but true & tested.
- A means to let more people learn at their own pace.
- Beyond the Mental Models (ways to decide better & faster), FreeEDR is a tangible & practical manifestation of those ideas. There are so many offensive tools, but yet equivalents for detection are still based on the premise of “chasing after (infinite) bad”. Sad… like little hamster below…
- It is not altruistic but rather logical because public funds were used to research, so it is only fair that it is made available to public (& even beyond SG), especially SMEs lacking the budget. Where got time & money to train people right? After all the time “training”, also just another form of marketing to buy more products…
How to make Cyber Security more a Public Good, specifically a “Anti-rival” good?
“Anti-rival good” is a neologism suggested by Steven Weber. According to his definition, it is the opposite of a rival good. The more people share an anti-rival good, the more utility each person receives. Many Open-Source projects are examples of anti-rival goods, many of them are corner-stones of Internet & used in all sorts of technical stacks.
Don’t get me wrong, I am not implying Cyber Security should be totally free but it has to be sustainable & people who are actually doing the work need to be compensated reasonably without the burn-out & stress.
But Cyber Security as Private Good as it is now, is quite unsound. Something is not right when organizations are paying so much for controls but still getting into trouble. People are fire-fighting like that hamster in a Threat-Mill, burning-out, giving up altogether or worse, joining the DARK SIDE...
I am not claiming 100% protection but I am quite certain most file-based Malware & abusing system tools (aka LOLbins) for network infiltration WILL become a thing of the past with FreeEDR.