tripwire(1) has been part of systems for decades. Bullshit about "they had alrea... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		rswail on July 22, 2024 \| parent \| context \| favorite \| on: CrowdStrike's Falcon Sensor also linked to Linux k... tripwire(1) has been part of systems for decades. Bullshit about "they had already looked at the modification which was benign". So your "security" is to totally expose every operation of your software to an external party with absolutely no auditing of what data they are exfiltrating from your system?

p_l on July 22, 2024 [–]

It was handled by internal security team.

Also, tripwire was limited to periodically scanning files, couldn't scan for example syscalls and trace relationships between them.

But yes, tripwire is a very early EDR/XDR.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact