@spell - rajesh personally I don't buy the "just because its been done before makes it ok" argument, but again, its just personal opinion. I hate web proxies for the exact same reason 🙂
05/08/2018, 6:16 PM
The majority of customer's we've talked to would be opposed to this table. The security value is minimal and the privacy concerns are immense.
I mean, if you're going to inspect user's web traffic, then you mine as well look at the entire HTTP request and not just the browser history. At least then you have data that can be applied for real security use-cases - with the same level of privacy degradation.
spell - rajesh
05/09/2018, 12:54 AM
thanks. Taking note of how community feels. Will talk internally about disabling some of these tables by default. In fact we have tables for all major browsers now. Since we come from FireEye / Mandiant background we try to bring in what IR tools collect during triages.