Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Why Security testing is required

From: "David Gillett" <gillettdavid () fhda edu>
Date: Fri, 20 Feb 2004 15:25:58 -0800
  I've heard of companies that thought they were secure because
they had purchased a firewall -- even though it was still in its
box.  I've encountered cases where the firewall was set up and 
configured, but was off on a stub and not between the interior 
and exterior networks.  And I've seen properly-installed firewalls
with code and/or configuration bugs, or subverted by less-than-
scrupulous admins....

  Knowing what you intended to implement provides only a first 
approximation to what actually got implemented.  Empiricism can't
do everything, but for some jobs you accept substitutions only
at your peril.

Dave Gillett



As a non technical person I want to know why security 
testing is required when all security systems like Firewall, 
IDS and content management are in place.



---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_security-basics_040219
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: