| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: frank at knobbe.us (Frank Knobbe) Subject: Where is security industry gng?? On Tue, 2004-09-14 at 08:38, Barry Fitzgerald wrote: > The problem with IDS was always that people perceived IDS as being a > magic box that automatically and exclusively detects intrusions. Anyone > who's ever worked with an IDS knows that that couldn't be further from > the truth. However, that does not invalidate the data from the IDS. A > properly tuned IDS can be very useful. I agree, but like to stress that Intrusion Detection Systems by themselves are worthless (as Gartner says). It's the Intrusion Detection Analyst/Operator that is useful, and the IDS is only a tool for the IDA to use and do his job. So in a sense, a properly tuned Intrusion Detection Analyst can be very useful. > I liken it to this physical analogy (don't you love them? :) ): I'm not even gonna go there... ;) > So, where is the security industry going? Well, who wants to buy a fire > suppression system? :) Nope. The next hot thing is security insurance. Then thereafter will be The Great Collapse after which information technology will experience some sort of Renaissance, mainly based on concepts of free software (as in free thought) and free of failed market manipulation. Cheers, Frank -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040914/6b401712/attachment.bin
Powered by blists - more mailing lists