Re: IDS is dead, etc

From: Jonathan Rickman (jonathan_at_xcorps.net)
Date: 08/13/03

  • Next message: SecurIT Informatique Inc.: "Re: Alert Correlation"
    To: focus-ids@securityfocus.com
    Date: Wed, 13 Aug 2003 12:22:20 -0400
    
    

    On Wednesday 13 August 2003 01:01, Omar Herrera wrote:

    > The key is "correlation", and right now I don't se a better security
    > solution than a well prepared security professional to correlate that.

    I think that will remain the case for a long time to come. After all,
    security is a process. The process involves technical and human factors.
    Attempting to engineer people out of the process will ultimately fail.
    Systems only have two possible answers to any given question...yes or no.
    People can respond with very detailed conditional responses. Never
    underestimate the power of maybe, if, but, and or.

    -- 
    Jonathan Rickman
    X Corps Security
    http://www.xcorps.net
    ---------------------------------------------------------------------------
    Captus Networks - Integrated Intrusion Prevention and Traffic Shaping  
     - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
     - Automatically Control P2P, IM and Spam Traffic
     - Ensure Reliable Performance of Mission Critical Applications
    Precisely Define and Implement Network Security and Performance Policies
    **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo
    Visit us at: http://www.captusnetworks.com/ads/31.htm
    ---------------------------------------------------------------------------
    

  • Next message: SecurIT Informatique Inc.: "Re: Alert Correlation"

    Relevant Pages

    • RE: is this the start of something naughty?
      ... Captus Networks - Integrated Intrusion Prevention and Traffic Shaping ... - Ensure Reliable Performance of Mission Critical Applications ... - Precisely Define and Implement Network Security and Performance Policies ...
      (Incidents)
    • RE: what is this?
      ... Captus Networks - Integrated Intrusion Prevention and Traffic Shaping ... - Ensure Reliable Performance of Mission Critical Applications ... - Precisely Define and Implement Network Security and Performance Policies ...
      (Incidents)
    • RE: Software vendor clueless
      ... The current information security environment. ... these networks, because their software is so buggy, the developers need ... Captus Networks - Integrated Intrusion Prevention and Traffic Shaping ... - Ensure Reliable Performance of Mission Critical Applications ...
      (Incidents)
    • RE: Software vendor clueless
      ... Additionally if the site has a security policy/standards that require ... >these networks, because their software is so buggy, the developers need ... >Captus Networks - Integrated Intrusion Prevention and Traffic Shaping ... > - Ensure Reliable Performance of Mission Critical Applications ...
      (Incidents)
    • lots of sobig virus emails.
      ... It also looks like i'm getting a ton from 'security peoples' email addresses. ... Captus Networks - Integrated Intrusion Prevention and Traffic Shaping ... Ensure Reliable Performance of Mission Critical Applications ...
      (Incidents)