Enumerating Goodness has its own weakness though, the mimic attacks that look legit will create false negative and be categorized as Goodness.
Security through obscurity is not a great idea and to certain people it sounds dumb as if the application/software that you are trying to protect is vulnerable, you will be eventually exploited, however it does asist for defensive side because it helps to prevent against automated tools and also requires offensive side to perform more steps to achieve what they are trying to do and this leaves more footprints to be examined and traced by the defensive side. It can be considered as early warning of its kind if you know how to make use of it.
This is just my personal thought and feel free to discuss about the topic. There's no perfect model or principle.