I really like Cisco's approach of being able to react to an attack
and gain info about a target system. I do think that such a reaction
needs to be tempered so that it does not become a DOS. I also would
not want to be the security guy asking IT for network privileges
on their boxes so my Console could log into their boxes after a
suspected attack has occurred. Having said that, we have a similar
feature on our roadmap for the Lightning Console.
Overall though, there are many advantages to being passive, active
or maybe reactive and not one solution fits them all. We're trying
to be flexible with the Lightning Console by letting people choose
how much of any of those types of vuln detection they really want.
and gain info about a target system. I do think that such a reaction
needs to be tempered so that it does not become a DOS. I also would
not want to be the security guy asking IT for network privileges
on their boxes so my Console could log into their boxes after a
suspected attack has occurred. Having said that, we have a similar
feature on our roadmap for the Lightning Console.
Overall though, there are many advantages to being passive, active
or maybe reactive and not one solution fits them all. We're trying
to be flexible with the Lightning Console by letting people choose
how much of any of those types of vuln detection they really want.
Ron Gula, CTO
Tenable Network Security
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]