Re: Gartner is Dead, nCircle, Fusion, asset-correlation--was-->False positives, negatives and don't cares

From: Anton A. Chuvakin (anton_at_chuvakin.org)
Date: 08/20/03

  • Next message: Darren Windham: "Intrusion prevention and dDos protection" 
    Date: Wed, 20 Aug 2003 16:19:02 -0400 (EDT)
To: "Arian J. Evans" <arian.evans@bigfoot.com>

    All,

    >3. Asset Valuation: create a combined asset value (CAV) metric based upon
    >#2.
    This is all very nice, but one of the major challenges here is that this
    "value" is inherently manual input (or computable from manual input).
    What's even worse, even the code to "program a human" to define such
    values manually is not written yet :-) Its just too fuzzy. Once, for
    example, I've heard an opinion that some BCP score or whatever can be used
    there, but even this turned out to be ineffective.

    Thus while some solutions do have the value field (such as for use in
    various risk assessment algorithms), I suspect few of the users actually
    define it.

    Best, 

    -- 
  Anton A. Chuvakin, Ph.D., GCI*
     http://www.chuvakin.org
   http://www.info-secure.org
---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world’s premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symanetc is the Diamond sponsor.  Early-bird registration ends September 6 Visit: www.blackhat.com
---------------------------------------------------------------------------
  • Next message: Darren Windham: "Intrusion prevention and dDos protection"