Reactive Security
Hola space cowboys! So I've been thinking. Why is it that the defender always takes the risks? If you look at the battlefield, the majority of the time, it is the the defender setting up and waiting to be attacked. And on the topic of defense, the defender for the most part just builds walls and checks, to make sure the attacker can't get through. What happened to the counter-attack?! What happened to the traps?! What happened to the offender stepping forward into a perfectly timed punch and getting KO'd before he knew what hit him!!!???!!! Sun Tzu said, "Your opponent is weakest when they think they have the advantage." If the defender, an app designer lets say, wants to get back at all those cyber punks, there is a way! The majority of script kiddies out there, just google dork vulnerabilities and play around at other people's expense. What one has to do is set up a visibly weak point, in an otherwise secure site. Then monitor that single hole, and if anyone attempts to push through it, log that and report them, or send them a warning, such as, "I am logging your activity, I know you are trying to crack my site." This will not only scare them away from your site, you will potentially mask up other vulnerabilities you may have. Of course they may not take the bait, but it can't hurt to set a few booby traps, and scare those would be hackers a little!