Richard Bucker

Only Tool Is a Hammer

Posted at — Nov 12, 2020

The saying goes… if your only tool is a hammer then all your problems look like nails. By extension a speaker at the RSA Conference was talking about living off the land which is the use of the tools available on the target machine… so if all of the machines in the target area are all the same OS brand, model and version then the larger the attack surface. (see monty hall problem; but inverse) In a zero trust architecture one would prefer NOT to put all trust in one OS vendor regardless of the vendor.

My solution… [a] mix up the OS' when possible [b] deploy a unikernel(s).