| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <47AA2277.2080507@infiltrated.net>
Date: Wed, 06 Feb 2008 16:11:19 -0500
From: "J. Oquendo" <sil@...iltrated.net>
To: secreview <secreview@...hmail.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: [Professional IT Security Providers -
Exposed] Layer 9 Corporation ( D )
secreview wrote:
> We do take a few points away from Layer 9 because they resell third
> party hardware and software. We feel that companies who resell third
> party technologies become bias towards selling those technologies even
> if a better technology solution exists. This might not stand true for a
> business that makes such a strong effort to be honest like Layer 9, but
> it most certainly is true for most IT Security Providers.
Where I work we re-sell third party products and its based on an
assessment of what the client needs. There is no one size fits all
solution. When I contracted at a company I won't mention (one of the top
5 computing companies) we re-sold Juniper Netscreens to migrate out
Checkpoint to one of our clients because it fit their need. We could
have sold them bigger equipment to accommodate for it at a higher price.
You and whomever else your cohorts are need to take a better look at
security design as a whole instead of shooting off rambling messages
such as these. Let's go back to 1998, 1999 pre @Stake the corporation.
One would have cringed at L0pht's site from a CTO perspective. Does that
mean you would have belittled them in your (pseudo)security review.
Perhaps when you called Layer9 they didn't want to be bothered with your
BS. Perhaps somewhere there is on this list and awaited your call. I
don't know I don't work for them.
> We also noticed that Layer 9 seems to be more geared towards offering IT
> services than Professional IT Security Services. They sell PIX firewalls
> and discuss services that are designed to help their customers improve
> the performance of their IT Infrastructure. They do not offer the more
> advanced IT Security Services.
Name me one of the top 20 Fortune 500 companies that doesn't resell
these services. You think companies don't farm out work?
> Based on the little bit of information that we were able to collect
> about Layer 9, it is our opinion that Layer 9 is a trustworthy company
> that will only offer services to their customers that they are capable
> of delivering. We can not comment on the talent or capabilities of Layer
> 9 as we couldn't find any information related to that. Likewise, we can
> not comment on the quality of their services.
Based on the reviews you guys put out, I take you as serious as I take
that Indian kid ockknock whatever the hell his name was. "WTF is this
idiot talking about." If I were a CSO why would I want to take you
serious, why should I take you serious. Let's be logical here. What are
your credentials. What certs do you possess, how long have YOU been in
the industry, where have you worked, what have YOU done for the security
community.
Get a real job.
--
====================================================
J. Oquendo
SGFA #579 (FW+VPN v4.1)
SGFE #574 (FW+VPN v4.1)
wget -qO - www.infiltrated.net/sig|perl
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E
Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (5533 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists