Buttered Jorts@ajn142@infosec.exchange
@hrbrmstr@mastodon.social since they explicitly call out IDβing βmaliciousβ behavior from IPs yβall have classified as βbenignβ any thoughts on the reason for that difference?
hrbrmstr πΊπ¦
π¬π±
π¨π¦
@hrbrmstr@mastodon.social
@ajn142@infosec.exchange rly good q. our folks who were at BH/DC met with the dev and we're gonna sync up on the project so I'll report back.
If they're using static "benign" lists, that could be it. We re-verify all benign actor IP lists quarterly, and some actors are dynamic (RDNS, etc) by nature.