|
|
Focus on IDS
ROI on IDS/IPS products Feb 27 2009 05:08PM Ravi Chunduru (ravi is chunduru gmail com) (5 replies) Re: ROI on IDS/IPS products Mar 04 2009 12:55PM aditya mukadam (aditya mukadam gmail com) (1 replies) Re: ROI on IDS/IPS products Feb 28 2009 12:17AM Frank Knobbe (frank knobbe us) (1 replies) Re: ROI on IDS/IPS products Mar 02 2009 06:36PM Jeremy Bennett (jeremyfb mac com) (1 replies) Re: ROI on IDS/IPS products Mar 02 2009 07:21PM Stefano Zanero (s zanero securenetwork it) (2 replies) Re: ROI on IDS/IPS products Mar 03 2009 04:01PM Webmaster 003 (webmaster networkdefense biz) (2 replies) Re: ROI on IDS/IPS products Mar 05 2009 02:48AM Joel Jaeggli (joelja bogus com) (2 replies) Re: ROI on IDS/IPS products Mar 05 2009 05:01PM Joel M Snyder (Joel Snyder Opus1 COM) (1 replies) Re: ROI on IDS/IPS products Mar 06 2009 01:56AM Ravi Chunduru (ravi is chunduru gmail com) (1 replies) Re: ROI on IDS/IPS products Feb 27 2009 06:26PM Jeff Kell (jeff-kell utc edu) (3 replies) Re: ROI on IDS/IPS products Feb 28 2009 10:20PM Ray (rpesek hotmail com) (1 replies) RE: Re: ROI on IDS/IPS products Mar 02 2009 05:26PM Brandon Louder (Brandon Louder mckennan org) (1 replies) |
|
Privacy Statement |
enterprise security professional will have a choice to dictate what term is
used to their CFO or other financial folks.
The SANS paper conflates security ROI (about reduced cost) and ROSI (about
reduced risk).
More here:
http://spiresecurity.typepad.com/spire_security_viewpoint/2009/02/settin
g-th
e-record-straight-on-roi-in-security.html
Regards,
Pete
Pete Lindstrom
Research Director
Spire Security
610-644-9064
blog: http://spiresecurity.typepad.com
> -----Original Message-----
> From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
> On Behalf Of Martin Roesch
> Sent: Friday, February 27, 2009 1:47 PM
> To: Ravi Chunduru
> Cc: Focus IDS
> Subject: Re: ROI on IDS/IPS products
>
> Bejtlich does lots of writing around security ROI and whether ROI is
> even an appropriate term when applied to security spending. Try this
> link and have a read.
>
> http://taosecurity.blogspot.com/search?q=roi
>
> Marty
>
> On Fri, Feb 27, 2009 at 12:08 PM, Ravi Chunduru
> <ravi.is.chunduru (at) gmail (dot) com [email concealed]> wrote:
> > I was talking to a junior security administartor working for a big
> > telecom company. He said something which is worrying. After few
> > years of IPS deployment in particular department, they decided to
> > remove IPS devices. It was felt that they did not find enough ROI to
> > justify 2 dedicated personnel to monitor and analyze IDS/IPS logs and
> > reports. It apperas that no major incidents were detected by network
> > IPS devices. they felt that signature coverage is either poor or not
> > timely. i also was told that these IPS devices are from industry
> > leaders.
> >
> > Can you share your experiences? Any examples of successful detection
> > and prevention of major attacks and penetration by IPS devices.
> >
> > Thanks
> > Ravi
> >
> >
> >
>
>
>
> --
> Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
> Sourcefire - Security for the Real World - http://www.sourcefire.com
> Snort: Open Source IDP - http://www.snort.org
[ reply ]