RE: Incident investigation methodologies
From: Steven Trewick (STrewick_at_joplings.co.uk)
Date: 06/07/04
- Previous message: Harlan Carvey: "RE: Incident investigation methodologies"
- Maybe in reply to: Harlan Carvey: "Incident investigation methodologies"
- Next in thread: Harlan Carvey: "RE: Incident investigation methodologies"
- Reply: Harlan Carvey: "RE: Incident investigation methodologies"
- Reply: Harlan Carvey: "RE: Incident investigation methodologies"
- Reply: Dave Paris: "RE: Incident investigation methodologies"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: 'Harlan Carvey' <keydet89@yahoo.com>, incidents@securityfocus.com Date: Mon, 7 Jun 2004 15:46:48 +0100
> One more thing to think about...what happens when you
> go to the doctor? When you go to a doctor's office
> with a complaint, does he simply give you a lethal
> injection then perform an autopsy to determine what
> was wrong with you? Or does he collect volatile
> information...interview you, ask you questions, take
> your temperature and blood pressure, etc?
That is simply the single most bogus metaphor I've heard this week.
In the real world, production systems need to go back into production
ASAP.
Frontline support staff simply do not have the time or resource
(or often even the knowledge) to conduct lengthy forensic investigations.
Time = Money, that's a cold, hard fact, and there simply isn't any way
around it.
If my choice as a human being was to perform a procedure on myself
that would cost a minimal amount of resource, and take a minimal
amount of time, or a lengthy and costly series of investigations
that would take forever, be painful, and possibly, ultimately
inconclusive, which would I pick ?
</code>
The information contained in this e-mail is confidential and may be privileged, it is intended for the addressee only. If you have received this e-mail in error please delete it from your system. The statements and opinions expressed in this message are those of the author and do not necessarily reflect those of the company. Whilst Joplings Group operates an e-mail anti-virus program it does not accept responsibility for any damage whatsoever that is caused by viruses being passed.
joplings.co.uk
- Previous message: Harlan Carvey: "RE: Incident investigation methodologies"
- Maybe in reply to: Harlan Carvey: "Incident investigation methodologies"
- Next in thread: Harlan Carvey: "RE: Incident investigation methodologies"
- Reply: Harlan Carvey: "RE: Incident investigation methodologies"
- Reply: Harlan Carvey: "RE: Incident investigation methodologies"
- Reply: Dave Paris: "RE: Incident investigation methodologies"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
