[Full-Disclosure] Where is security industry gng??
frank at knobbe.us
Tue Sep 14 17:58:08 BST 2004
On Tue, 2004-09-14 at 08:38, Barry Fitzgerald wrote:
> The problem with IDS was always that people perceived IDS as being a
> magic box that automatically and exclusively detects intrusions. Anyone
> who's ever worked with an IDS knows that that couldn't be further from
> the truth. However, that does not invalidate the data from the IDS. A
> properly tuned IDS can be very useful.
I agree, but like to stress that Intrusion Detection Systems by
themselves are worthless (as Gartner says). It's the Intrusion Detection
Analyst/Operator that is useful, and the IDS is only a tool for the IDA
to use and do his job.
So in a sense, a properly tuned Intrusion Detection Analyst can be very
> I liken it to this physical analogy (don't you love them? :) ):
I'm not even gonna go there... ;)
> So, where is the security industry going? Well, who wants to buy a fire
> suppression system? :)
Nope. The next hot thing is security insurance. Then thereafter will be
The Great Collapse after which information technology will experience
some sort of Renaissance, mainly based on concepts of free software (as
in free thought) and free of failed market manipulation.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 187 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040914/6b401712/attachment.bin
Full-Disclosure is hosted and sponsored by Secunia.