Neutralised 404 Error Mode is here
The MIRE/C³ system now includes a new mode that forces all errors to be handled neutrally.
This mode addresses a common requirement for many companies: avoiding responses that could appear misleading during security testing. For example, during a penetration test, if a web resource returns responses that appear to contain secrets, the issue will almost certainly be reported as a finding. That finding may even be rated as significant, even if the testers later realize the responses are generated by MIRE/C³.
To address this, MIRE/C³ now includes a Neutral 404 mode that handles all attack paths consistently and neutrally.
With this change, the volume of data returned to an attacker is reduced, while response delays are intentionally introduced. Each delay is seeded to fall between 5 and 15 seconds. This mode provides less deception but introduces significantly more delay.
The results can be viewed on the statistics and live log pages.
What should one expect from introducing a longer delay and returning neutral 404 error messages? Probably nothing. Even though the 404 page includes a “cease and desist” notice directed at AI-driven systems, it is unlikely to have any meaningful effect.
Time will tell. In the meantime, this mode allows probes to be handled cleanly and consistently while introducing just enough friction to frustrate automated systems scanning for vulnerable content.