Discussion about this post

User's avatar
Diego Cordero's avatar

Great write-up! Really gets into the nitty-gritty.

How does Runtime Reachability block a malicious function without breaking an app?

Do we need to get to in-app monitoring? Would EDR and XDR at the system level be enough?Is the marginal security gain justifiable?

Expand full comment
Jagadish's avatar

James , great write-up . I assume Sysdig's Falco solution that leverages syscall cant be categorized fully as a runtime reachability tool ? Raven . Oligo etc. have something that differentiates what Sysdig (and several others) have up their sleeves currently ?

Expand full comment
8 more comments...

No posts