Firewall Wizards mailing list archives

Re: PCI DSS & Firewalls


From: jseymour () linxnet com (Jim Seymour)
Date: Thu, 2 Apr 2009 14:05:59 -0400 (EDT)


"Paul D. Robertson" <paul () compuwar net> wrote:

> On Thu, 2 Apr 2009, Chris Blask wrote:

[snip]

> > Oh, it is.  And even there, having more Pen Testing done in the world is
> > itself a move in a positive direction, so that's a good thing by any
> > metric.
>
> If you're a pen tester.  I can set up a gazillion systems with holes that
> a pen test won't ever find- pen testing as a stipulated requirement is
> silly- there are lots of ways to ensure your security that actually work,
> pen testing at best should be an option in conjunction with stronger
> methods like configuration auditing of security devices.

I am reminded of Back In The Day when I was learning how to design
software systems and write code.  One theme was consistent across all
that I read: You're further ahead, by far, by starting with good design
and proper coding techniques than ever you'll get by endless hours of
testing and debugging.

Regards,
Jim
-- 
Note: My mail server employs *very* aggressive anti-spam
filtering.  If you reply to this email and your email is
rejected, please accept my apologies and let me know via my
web form at <http://jimsun.linxnet.com/contact/scform.php>.