David Cottingham

179 posts

David Cottingham

@c0tts

CEO & Co-Founder of Airlock Digital, practical and effective allowlisting

Australian Capital Territory Katılım Temmuz 2017

114 Takip Edilen310 Takipçiler

David Cottingham@c0tts·11 Mar

@Collab_Seth @AirlockDigital Anytime! I have been wanting to reply to this for months now! If I can help in any way, please don't hesitate to reach out to myself or support :)

English

Seth Kusiak@Collab_Seth·11 Mar

@c0tts @AirlockDigital Hey David, thanks for sending this — I was just reading the release notes and was like 🥳

English

David Cottingham@c0tts·11 Mar

@Collab_Seth @AirlockDigital Hi Seth, just reaching out here to let you know that our ARM supported agent is now GA in our v6.0 product release

English

Seth Kusiak@Collab_Seth·20 Haz

@c0tts @miketheitguy @AirlockDigital That’s awesome — can’t wait to test it out!

English

David Cottingham@c0tts·25 Haz

@Collab_Seth @miketheitguy @AirlockDigital It's alive. We are now just updating the installer logic to accommodate. Still a few steps to go, but making great progress over the last few days.

English

David Cottingham@c0tts·20 Haz

@Collab_Seth @miketheitguy @AirlockDigital Thanks for the feedback Seth. It's compiled we just need to QA and ship it, will ensure it gets to you really soon. This really helps us prioritise.

English

198

Seth Kusiak@Collab_Seth·20 Haz

@miketheitguy @AirlockDigital — you’re killing us here not having ARM support yet. All other software in our stack has ARM support

English

211

David Cottingham@c0tts·3 Haz

Really exciting milestone to have the whole company together in Adelaide this week, cooking up the next chapter :)

English

466

David Cottingham@c0tts·23 May

Great to see another live @riskybusiness fantastic analysis as always

English

2.7K

David Cottingham retweetledi

Brian in Pittsburgh@arekfurt·25 Şub

Application allowlisting is the future for all security consciousness organizations that have any significant resources. It's just a matter of how and when any particular org will adopt it.

English

15.2K

David Cottingham retweetledi

Brian in Pittsburgh@arekfurt·10 Oca

Here's the reality: We need to shift focus away from relying on detection + response to catch and stop ransomware/extortion actors and toward preventative/blocking means. There simply is no viable alternative if we're going to make substantial progress at societal level here.

Justin Elze@HackingLZ

One of the drivers behind people purchasing EDR is ransomware. If your argument is, who cares about "bypasses" or default blocking, and you say, "Well, EDR creates telemetry people can hunt on days or weeks later," ask yourself what the average dwell time is for these events.

English

3.1K

David Cottingham retweetledi

Koen Van Impe ☕@cudeso·21 Ara

The “Allowlist Auditor” from @AirlockDigital is great to highlight the current state of allowlisting on endpoints. Includes tests for execution (exe, dll, PS1, CPL and others) in common locations, and an audit for existing allowlisting solutions. airlockdigital.com/application-wh…

English

12.5K

David Cottingham retweetledi

Daniel Schell@danonit·20 Eyl

Fantastic to see public recognition of @AirlockDigital as the #1 popular listing in the @CrowdStrike marketplace marketplace.crowdstrike.com

English

1.1K

David Cottingham retweetledi

Daniel Schell@danonit·14 Eyl

Feels too soon to be getting back on the plane after BH/DC, but looking forward to @CrowdStrike fal.con23 next week. Swing past our booth and say Hi :)

Airlock Digital@AirlockDigital

We are less than a week away September 18 through September 21, we will be present at CrowdStrike's Fal.Con 2023 as a Gold Sponsor. Join us at Caesars Palace in Las Vegas, to get more details about our allowlisting platform.

English

883

David Cottingham@c0tts·26 Ağu

@jmelville It seems so! That does make life a little easier. Still unclear as to why this occurred. Intentional? unintentional? rolled back due to impact?

English

jmelville at the blue place too@jmelville·26 Ağu

@c0tts Looks like Microsoft have now rolled back the revocation, according to the top comment here help.developer.intuit.com/s/question/0D5…

English

David Cottingham@c0tts·23 Ağu

Something is happening at Digicert. It looks like on many Windows systems the VeriSign Class 3 Public Primary Certification Authority - G5 root certificate (serial: 18dad19e267de8bb4a2158cdcc6b3b4a) has been revoked as of around 9 hours ago.

English

6.5K

David Cottingham@c0tts·26 Ağu

Update: This change has been rolled back by Microsoft, with the certificate appearing as valid on systems. This can also be seen here ccadb.my.salesforce-sites.com/microsoft/Incl… (SHA1 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5) showing with the status of 'Not Before'.

English

686

David Cottingham@c0tts·24 Ağu

Blog writeup of what we know airlockdigital.com/microsofts-rev…

English

6.9K

David Cottingham@c0tts·24 Ağu

@back2all You unfortunately can't, Microsoft has set the remove flag. It's effectively perma banned. Even if you trust this yourself, the system will still block it.

English

Δβdаιмjєd saleh ッ@back2all·24 Ağu

@c0tts have any one found a way around or make exception in windows files or something?

English

David Cottingham retweetledi

Daniel Schell@danonit·13 Ağu

A Where’s Wally for the @riskybusiness sticker on the Defcon sticker wall.

English

522

Keşfet

@Collab_Seth @AirlockDigital @riskybusiness @CrowdStrike @jmelville @back2all @elonmusk @BarackObama