It's a good point JT, and at the OS and research level people are looking into this kind of approach. However, how do you determine when something is unusual or suspicious? The thing we want to try to do with any analysis program is to keep the signal-to-noise ratio high (i.e. make as many of the issues generated actionable as possible). ExBPA, being a highly conditioned set of tests, is pretty good at this. Any kind of more generic solution you try to apply won't be as good. While the brute-force method does take a lot of work and requires continuous maintenance to keep it up to date, it is at least pretty certain to be effective, whereas other approaches aren't so certain.