Recently we tweeted about some issues we had with 3CORESec Blacklist , a platform that shares - openly and freely - a subset of the information seen and processed by our honeypot network. While those issues have been addressed, and seeing as significant changes were made to how we monitor the generation of the lists (which is reflected in our status page ) and how we determine if an IP should be listed as an offending IP or not, this felt like a good opportunity to write a bit more about the platform as well as the changes we made. For regular users of Blacklist đź““ the first thing they’ll notice is an increase on the numbers of IPs we include. That is a direct result of the changes we made and the growth of the honeypot network itself. We have not - and will not - ever increase the period for which we query the honeypot network, as we believe anything higher than 24h (as specified in the project page) for IP addresses can quickly fall into a decaying state that adds little value
Over the last 6 months we have been hard at work on what we believe is the future of enterprise information security, and today we’re excited to lift the curtain - to some extent - on our most recent development: 3CORESec ONE and 3CORESec MDR . 3CORESec ONE When we first got together to establish our product lineup, one thing became clear. If we wanted to make a difference we would require significant development on tools and platforms that worked how we thought information security should work: in a unified experience, with minimal changes to client workloads, pricing that is adjusted to different size companies, the capability to grow without additional purchases or any additional rewiring, and an overall less is more approach. After two years of building individual components for our products, and some of them finding their way to the public in the form of SaaS platforms (i.e. lawmaker.cloud and dtection.io ) , 3CORESec ONE is the platform that brings it all together under a s