|
Dailydave
mailing list archives
Re: Twitter: (verb) to fail under exponential growth
From: "Chris Eng" <ceng () Veracode com>
Date: Sun, 29 Jun 2008 15:02:07 -0400
Oh come on, you know the answer to that. Because things break. Same
reason people don't run WAFs in prevent mode, same reason IPS isn't more
popular. Source/binary tools could patch automatically, in theory, but
in order to measure whether it broke something, you have to have an
extremely robust regression suite.
Network scanners applying patches for known vulns... don't some products
do that already, integrating with patch management tools and whatnot?
I've always wondered about the rest of our technology that
fails in a similar way. Why do our application assessment
tools not also fix the bugs they find? If you're trying to
buy web application scanning, then your scanner should also
be updating the application to fix those pesky SQL Injection
bugs. Your binary/source analysis tool should be svn
commiting patches to fix your overflows. If you have to rely
on a developer to understand the bugs themselves, it doesn't
scale. Your network attack tool should upload and run the
right patch automatically.[1] Does the modern generation of
scanners do this?
- -dave
[1] Obviously you can upload a management program like
BindView instead,
but this means you have to MANAGE everything, which doesn't scale.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIZ70etehAhL0gheoRAv/ZAJ9KjggIYf8ch5Hnw5Blajlg5U4+6gCZAVwk
WB9QwhyVDqiGFA182Oso9m4=
=nHWH
-----END PGP SIGNATURE-----
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
 By Date 
By Thread
Current thread:
|
Intro
