Jason Miller, 2004-08-12
Step away from all the vendor hype. The one device that will always be the best tool for information security is a competent security professional.
Colapse all |
Post comment
The Panacea of Information Security
2004-08-13
si (1 replies)
si (1 replies)
Supporting a much needed security upgrade doesn't count as vendor hype.
2004-08-13
DPH
DPH
While I think we as security professionals should reserve judgement on the effectiveness of this service pack until the full consequences of it are known. I don't see any problem with Tim's view that everyone should seriously work at resolving any risks to it's widespread deployment. And I certainly...
[ more ] [ reply ]
[ more ] [ reply ]
The Panacea of Information Security
2004-08-14
Anonymous (1 replies)
Anonymous (1 replies)
That's great, training and knowledge is terrific.
BUT, many open source tools require more user knowledge than many admins have, and they often pale in comparison to shrink wrap.
NOT always, of course, but many times they do. Try patching your systems in an enterprise with 30,000 users in a W...
[ more ] [ reply ]
BUT, many open source tools require more user knowledge than many admins have, and they often pale in comparison to shrink wrap.
NOT always, of course, but many times they do. Try patching your systems in an enterprise with 30,000 users in a W...
[ more ] [ reply ]
The Panacea of Information Security
2004-08-17
Anominous
Anominous
A lot of problems could be avoided with one simple rule: Don't implement any piece of software until you have someone who understands it.
It may be tempting to buy off-the-shelf software and get instant gratification, but if you treat the software as a magic box, you're setting yourself up for a p...
[ more ] [ reply ]
It may be tempting to buy off-the-shelf software and get instant gratification, but if you treat the software as a magic box, you're setting yourself up for a p...
[ more ] [ reply ]
The Panacea of Information Security
2004-08-16
Anymouse (1 replies)
It seems these days that everyone is a security expert, even the helpdesks! Apparently it does not take years of network design, network administration, and the mastery of multiple OS's and programming languages to become a "security expert" now. All you need to do is spend a lot of money on a pro...
[ more ] [ reply ]
Anymouse (1 replies)
It seems these days that everyone is a security expert, even the helpdesks! Apparently it does not take years of network design, network administration, and the mastery of multiple OS's and programming languages to become a "security expert" now. All you need to do is spend a lot of money on a pro...
[ more ] [ reply ]
The Panacea of Information Security
2004-08-18
Anonymous
Anonymous
ROFL nice posting. Funny but unfortunately true :o(. Am recruiting Security Engineers at the moment and the quality of candidates is shocking. Many people think just because they did a Vendor Certification they are security experts. But ask about standard protocols like HTTP and SMTP and they can't ...
[ more ] [ reply ]
[ more ] [ reply ]
Perhaps SF's other columnists could use your advice.
It's funny how one columnist writes a well thought out coherent article (namely this one) and just above his, another columnist (see "Redmonds Salvation") writes an article which could have been written...
[ more ] [ reply ]