@GossiTheDog thinking of the “one death is a tragedy, a thousand is a statistic” quote here, but I don’t necessarily disagree. Just thinking that if you have 1000s of vulnerable hosts, getting flooded by alerts wouldn’t be very useful. With that said, I never was on the receiving end so I’m mostly guessing
@taiki @GossiTheDog getting thousands of alerts is an everyday event for these systems, at least in my experience. For every high profile vuln like the xz backdoor, there are 20-30 cves for other apps that fly under the radar. Hence regular patching being a key part of defense strategies.