[Full-disclosure] [Professional IT Security Providers - Exposed] Layer 9 Corporation ( D )

J. Oquendo sil at infiltrated.net
Wed Feb 6 21:11:19 GMT 2008 

secreview wrote:

> We do take a few points away from Layer 9 because they resell third 
> party hardware and software. We feel that companies who resell third 
> party technologies become bias towards selling those technologies even 
> if a better technology solution exists. This might not stand true for a 
> business that makes such a strong effort to be honest like Layer 9, but 
> it most certainly is true for most IT Security Providers.

Where I work we re-sell third party products and its based on an 
assessment of what the client needs. There is no one size fits all 
solution. When I contracted at a company I won't mention (one of the top 
5 computing companies) we re-sold Juniper Netscreens to migrate out 
Checkpoint to one of our clients because it fit their need. We could 
have sold them bigger equipment to accommodate for it at a higher price.

You and whomever else your cohorts are need to take a better look at 
security design as a whole instead of shooting off rambling messages 
such as these. Let's go back to 1998, 1999 pre @Stake the corporation. 
One would have cringed at L0pht's site from a CTO perspective. Does that 
mean you would have belittled them in your (pseudo)security review.

Perhaps when you called Layer9 they didn't want to be bothered with your 
BS. Perhaps somewhere there is on this list and awaited your call. I 
don't know I don't work for them.

> We also noticed that Layer 9 seems to be more geared towards offering IT 
> services than Professional IT Security Services. They sell PIX firewalls 
> and discuss services that are designed to help their customers improve 
> the performance of their IT Infrastructure. They do not offer the more 
> advanced IT Security Services.

Name me one of the top 20 Fortune 500 companies that doesn't resell 
these services. You think companies don't farm out work?

> Based on the little bit of information that we were able to collect 
> about Layer 9, it is our opinion that Layer 9 is a trustworthy company 
> that will only offer services to their customers that they are capable 
> of delivering. We can not comment on the talent or capabilities of Layer 
> 9 as we couldn't find any information related to that. Likewise, we can 
> not comment on the quality of their services.

Based on the reviews you guys put out, I take you as serious as I take 
that Indian kid ockknock whatever the hell his name was. "WTF is this 
idiot talking about." If I were a CSO why would I want to take you 
serious, why should I take you serious. Let's be logical here. What are 
your credentials. What certs do you possess, how long have YOU been in 
the industry, where have you worked, what have YOU done for the security 
community.

Get a real job.

-- 
====================================================
J. Oquendo

SGFA #579 (FW+VPN v4.1)
SGFE #574 (FW+VPN v4.1)

wget -qO - www.infiltrated.net/sig|perl

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5533 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080206/836445a3/attachment.bin

Full-Disclosure is hosted and sponsored by Secunia.