The reporting gap

[Dave Aitel <dave () immunityinc com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It's interesting that the security "tactical" reporting, largely filled 
by blogs, has been pretty spotty lately. Is the latest Flash bug 0day or 
not 0day? Is the Adobe Reader bug being exploited in the wild, or not? 
Perhaps it's an indication that people are paying less attention to each 
individual vulnerability now. But I think it's something worse.

There's a lot of stuff a good security weblog that's vendor independent 
COULD say though. The market is still pretty unprobed - there's a lot of 
huge security companies out there no one writes about. Take one: 
INS.com. There's a thousand more like that, and they have a huge impact 
on the market, technology, and everything else we do. When was the last 
time you heard about them on ZDNet or eWeek or The Register?

I won't claim to be "vendor independent" or even technology agnostic. 
But there's a gap here in our industry that more journalists and 
analysts should fill. 451Group and a few others are there, but we need more.

- -dave


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIZYrStehAhL0gheoRArDHAJ9Q30p/ApeIRpG2xni4YTF7pkeJVgCfRxCi
k0KWzLDD1mBGgMC0M0WuaHM=
=iv1h
-----END PGP SIGNATURE-----

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave