Positive Security Model
     defines what is allowed, and rejects everything else “whitelist”
       0-day attacks, will be prevented
       will be prevented as well as developer related shortcomings
       
  Negative Security Model
    defines what is disallowed, while implicitly allowing everything else  “negative”
       it can be deployed rapidly