mailing list archives
Re: Getting Off the Patch
From: Pete Herzog <lists () isecom org>
Date: Thu, 13 Jan 2011 19:45:13 +0100
Yeah, sounds good in theory. What about when vulnerabilities (and
presumably patches) come out for your "sandbox" or other security
That's why you use a wide array of operational controls and not just
one, like a sandbox. The sandbox in the article was just a small example.
IMO, adding more software to a system rarely results in overall
management gains. This is because most software, including security
software, sucks. If you find yourself patching too often, or you
can't trust that the patches won't break your environment, then you
probably need to find a software vendor that invests more in QA.
I couldn't agree more. Flaws in operational controls (security
software) are a serious shame on the security industry and as you
suggested, if you have that many flaws in a software, replace the
vendor. However, I'll go one more- if you find your patches breaking
too often or too many things, then stop patching and find an alternative.
Pete Herzog - Managing Director - pete () isecom org
ISECOM - Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.badpeopleproject.org
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/