SSR

Some1 else wrote:


mijcar wrote:

 

The main thing is to make better use of your resources.

 

Here is what I propose:

 

You have submissions for malware activity from two kinds of sources:  those who know what they are doing and those who will send you any email attachment that shows up in their in-box.  You need to distinguish between them.  It would not be difficult to rank submitters by their track record.  Those who show themselves to know what they are doing should either be given a difference address to which to submit their files for checking or should be filtered by their email address into a different pool.

 

Submissions from reliable sources should be bumped up past the automatic checking straight to the human checkers.

 

Since this can be handled easily enough by software, it takes no effort, time, or money on your part.  It merely changes the order in which submissions are examined based on the submitter's track record.  Some like TomiRed or Tech0 would have almost immediate access to the examination team because they will have already done the important first analysis.

 

In other words, you have already established this community.  We have already become proficient to a large extent, each of us in the domains that we feel comfortable in and are interested in.  But so far the expertise that you helped bring together and encourage is largely being neglected.  Now is the time to start empowering us and gaining yourselves by using what we have to offer.

Message Edited by mijcar on 12-04-2008 09:01 AM

 [edit:  Edited to give proper credit to the original author.]

Message Edited by Allen_K on 12-13-2008 08:56 PM