Dailydave mailing list archives

Re: New presentation is up: 0days: How hacking really works


From: Ron Gula <rgula () tenablesecurity com>
Date: Tue, 01 Feb 2005 19:11:21 -0500

People are already doing that ...

I think a lot of the reasons folks buy nCircle, Qualys, FoundScan,
Lightning, Verisign, etc. is because of compliance issues. I don't
want to start a "compliance" thread (BTW, I loved the token GLBA
slide in the 0days presentation), but the other half to being
compliant is monitoring user activity. Even with systems patched
100%, companies are still required to show which users are allowed
to go where and exceptions to the rule.

Ron Gula

At 05:03 PM 2/1/2005, Kevin Ponds wrote:
So why aren't we marketing network appliances which automate this?


On Tue, 01 Feb 2005 16:35:00 -0500, Ron Gula <rgula () tenablesecurity com> wrote:
> Yeah, but lots of folks are used to paying large sums of money
> for this so they are "compliant". Even if I can sprinkle the IBM
> magic pixie dust on all my systems so they are patched 100% 24x7,
> I still need to prove this to the auditors who are in my hair.
>
> If things get *that* good from a patch level, we'll probably start
> to focus more on network change as in - gee, your web server does
> not have any known vulnerabilities, but what business function
> does it really serve?
>
> Ron Gula

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave