Dailydave mailing list archives
Re: Risk Management Services
From: "Paul Melson" <pmelson () gmail com>
Date: Tue, 3 Apr 2007 07:05:23 -0400
On 4/3/07, Dave Aitel <dave.aitel () gmail com> wrote:
According to Ryan Naraine[1], they're making 12 Million dollars a year selling that and Retina, so someone's using it. Oddly, it's the exact same amount of money that Sana just took in. Weird day in HIDS land.
Well, someone's using Retina at least. Which makes sense,since Nessus on pure Windows is still undoable and NVA/pentest work is a big-money consulting niche to this day. I've been off the road for 2 years, but I never saw and as far as I am aware still haven't met anyone that uses Blink. I've seen a few SecureIIS installs, though even that's probably a tough sell these days as it's no doubt getting harder to find people still running IIS 5 on Win2K. That may be the real reason we're seeing Brown go - the $12M from 2006 doesn't seem sustainable without a new product and/or new marketing that will drive sales. Hell, I bet they'd sell better if Marc Maiffret just started posting to full-disclosure again. http://marc.info/?l=full-disclosure&m=117524796007054&w=2 Speak of the devil. :-) Anyway, I think the reason HIDS in general doesn't see a lot of widespread adoption is that companies view their production networks - especially where Windows is running, where HIDS gets the most traction - as fragile. They don't want "agents" or "clients" or anything that could hurt performance or stability. And while I haven't personally ever touched Blink, I've seen it's competition implode when installed in just the wrong environment. That, and at still roughly 5-10x the per-seat cost of AV products, it's hard to sell a product that basically does what IT managers think AV does. PaulM _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Risk Management Services Dave Aitel (Apr 02)
- Re: Risk Management Services C Q (Apr 02)
- Re: Risk Management Services Dave Aitel (Apr 02)
- Re: Risk Management Services Paul Melson (Apr 03)
- Re: Risk Management Services Jeff Moore (Apr 03)
- Re: Risk Management Services Dave Aitel (Apr 02)
- Re: Risk Management Services Adriel T. Desautels (Apr 03)
- Re: Risk Management Services C Q (Apr 02)
- <Possible follow-ups>
- Re: Risk Management Services trklisted (Apr 03)
- Re: Risk Management Services Mark Teicher (Apr 03)
- Re: Risk Management Services trklisted[at]networksamurai[dot]org (Apr 03)
- Re: Risk Management Services Mark Teicher (Apr 03)
- Re: Risk Management Services Jeff Moore (Apr 03)