Intrusion Detection Systems: Re: Counterpane Managed Security Monitoring

[mht () clark net (mht () clark net)]

Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
UNSUBSCRIBE: email "unsubscribe ids" to majordomo () uow edu au
This is another big issue for me as mentioned in the whitepaper:

"Trained security analysts are at the center of Counterpane's service: a 
team of specially trained and
highly skilled professionals. They receive extensive training in network 
security and incident handling,
but it is their on-the-job experience that is most important. Because our 
analysts see attack after
attack, incident after incident, they have a breadth and depth of knowledge 
that is impossible to
replicate within an organization. Attacks are not rare events or exceptions 
to our analysts; they're
everyday occurrences. They understand attacks and how they work in the real 
world, know what
responses work and don't work, and are able to implement solutions quickly. 
Organizations can now
tap into that knowledge base through our services. Because our analysts 
have access to sensitive
client information, they are held to the highest ethical standards allowed 
by law. We perform a
rigorous pre-employment screening process, including interviews, background 
checks, and
psychological investigations. Continuous awareness training ensures that 
our analysts continue to
conform to our standards of conduct. And, all of our analysts are bonded. "

Seems an awful like the marketing type stuff BBNPlanet used during the Site 
Patrol heyday.  Understanding that somewhat good and bonded security folks 
demand a lot of money unless Bruce has convinced them otherwise.  A good 
six year veteran in the Information Security field can command up to and 
over 6 figures.

Ethical standards - ok so that rules and prevents Bruce from hiring 
"ethical" hackers.  So he has limited himself to CISSP type people, and 
other reputable folks.  Rigrous pre-employment screening process (no 
mention of what service bureau he uses for this background check).  What 
about drug and substance abuse testing?

Access to sensitive data - Hmm, Counterpane appears also to have a fully 
implemented Data Information Classification System in place.  OK So all 
transactions regarding the customer is encrypted, stored in an offsite 
facility, etc, etc.

it really sounds like some pretty slick Snake Oil..!!

/m

At 12:26 PM 7/18/00 -0400, b.g.miller wrote:
> Archive: http://msgs.securepoint.com/ids
> FAQ: http://www.ticm.com/kb/faq/idsfaq.html
> IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
> HELP: Having problems... email questions to ids-owner () uow edu au
> NOTE: Remove this section from reply msgs otherwise the msg will bounce.
> SPAM: DO NOT send unsolicted mail to this list.
> UNSUBSCRIBE: email "unsubscribe ids" to majordomo () uow edu au
> -----------------------------------------------------------------------------
> Has anyone on the list had experience with the new offering from 
> Counterpane - Counterpane Managed Security Monitoring?  Seems to be
> a meta-IDS bundled with a 24/7 staff.
>
> http://www.counterpane.com/whitepaper.html