Re: Risk Management Services

["Mark Teicher" <mark.teicher () gmail com>]

Can you actually pull data from the management station and produce legible
reports yet??

On 4/3/07, trklisted () networksamurai org <trklisted () networksamurai org>
wrote:
>  I have about 1500 blink agents deployed at my hospital here in miami.
> I've been on the product since it was unusable (version 1.2). Version 2.0was awesome,
> 3.0 is better. I have taken it to a bunch of war nets and different cons
> and it stands up.
>
> Although its a part of the fabric its not all of the fabric, we have been
> worm / botnet / virus free for the most part since we've completed that
> overhaul of the security fabric of that net.
>
> moses, networksamurai.org
>     According to Ryan Naraine[1], they're making 12 Million dollars a year
> selling that and Retina, so someone's using it. Oddly, it's the exact same
> amount of money that Sana just took in. Weird day in HIDS land.
>
> I spent all night trying to massage the Mercur IMAP NTLM bug into
> submission. Still nothing. Sometimes the hoolios are the hardest exploits.
> Apparently people actually use these weird little Windows servers though so
> they're worth doing. That's what I'm telling myself, after 10 hours on
> Mercur, anyways.
>
> -dave
> [1]http://blogs.zdnet.com/security/?p=148
>
> On 4/2/07, *C Q* <kyle.c.quest () gmail com> wrote:
>
> There's probably two reasons why nobody wants to buy HIDS...
> First, which especially applies to Blink (made by eEye), it's
> because it's unusable... I turned it off and uninstalled it
> after using it for just a few minutes. Second, companies
> rely on their significant investements in firewalls, IPSes,
> application proxies, etc and they feel that they are protected
> enough (I'm not saying that they are correct in their assumptions,
> but that's what they usually think :-) ).
>
> Companies do, however, buy other types of host-based
> "risk management systems" that try to protect their IP,
> sensitive information, etc, which also helps them with compliance
> (SOX,HIPAA,PCI,etc).
>
>  On 4/2/07, *Dave Aitel* < dave.aitel () gmail com> wrote:
>
> A HIDS shakeup? Sana takes in more money and Ross Brown gets fired from
> eEye's CEO all in the same day? I never can get anyone to buy HIDS. We often
> recommend it in our reports, but no company ever bites the bullet and does
> it. Perhaps when they think HIDS they think this:
> http://media1.break.com/dnet/media/content/pic2903.jpg .
>
> I wanted to point out that Applied Security has posted the results from
> their shmoocon hacking contest (note that I come in last!).
> http://www.appliedsec.com/conferences.html
>
> They've also got a server set up so everyone can play, which, I have to
> say, takes cojones. I guess that's the sort of thing you can do when you are
> a sponsor for GRSecurity.
>
> -dave
>
>
> _______________________________________________
> Dailydave mailing list
> Dailydave () lists immunitysec com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
>
>
>
> _______________________________________________
> Dailydave mailing list
> Dailydave () lists immunitysec com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
>
>
>
> _______________________________________________
> Dailydave mailing list
> Dailydave () lists immunitysec com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave