Transfer learning is not new in information security. It has been in use for many years. For example, anti-malware vendors have exchanged samples of malware between their own proprietary collections of such (so-called zoos). That is a form of transfer learning. Similarly, Snort Community rules are a form of transfer learning. Community rules can be written by anyone, and used by any organization. ISACs are another form of transfer learning. Security-related is shared within a community. All of these examples (zoos, community rules, ISACs) involve known bads (e.g., malware, exploits, IP addresses, domains).