Intelligence Start-Up Goes Behind Enemy Lines To Get Ahead of Hackers

anlashok writes: The Times profiles a company called ISight, which sells computer security intelligence gathered by professionals from the "dark web". From the article: "ISight's investors, who have put $60 million into the company so far, believe that its services fill a critical gap in the battle to get ahead of threats. Most security companies, like FireEye, Symantec, Palo Alto Networks and Intel's security unit, focus on blocking or detecting intrusions as they occur or responding to attacks after the fact. ISight goes straight to the enemy. Its analysts — many of them fluent in Russian, Mandarin, Portuguese or 21 other languages — infiltrate the underground, where they watch criminals putting their schemes together and selling their tools."

Ah yes, the Classic argument...

[bobbied]

Is it black hat or white hat hacking?

It's kind of hard to tell them apart with schemes like this. Oh yea, we will infiltrate the "bad guys" and get tipped off to their activities before anybody else knows, or we will invent some new attack vector, sell it to the bad guys and get loads of money from your because only we know enough to protect you from what the bad guys are doing.. You cannot know the difference....

Problem with this is you will never know and you will be letting some outfit with admitted ties to some bad actors have access to your network security systems... What could possibly go wrong?