IDS mailing list archives
Re: IDS\IPS that can handle one Gig
From: Frank Knobbe <frank () knobbe us>
Date: Mon, 06 Jun 2005 14:30:37 -0500
On Sun, 2005-06-05 at 03:39 -0400, Vikram Phatak wrote:
The biggest knock I've heard about VM is that it doesn't actually "protect" anything since it is not patching vulnerablities.
I think this single line shows the biggest problem in the security industry, the need to protect vulnerabilities. Instead of adding layers to protect the bag of vulnerabilities, we should open the bag and remove the vulnerabilities one by one. The term vulnerability management is equally flawed. We should not at all "manage" vulnerabilities, but "identify" and "eradicate" them. The whole notion of keeping vulnerabilities around is just flawed... ... and I wonder if IPSes just foster the complacency to accept and live with vulnerabilities... Cheers, Frank
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- RE: IDS\IPS that can handle one Gig Andrew Plato (Jun 01)
- RE: IDS\IPS that can handle one Gig Peter Schawacker (Jun 01)
- Re: IDS\IPS that can handle one Gig Vikram Phatak (Jun 06)
- Re: IDS\IPS that can handle one Gig Frank Knobbe (Jun 07)
- Re: IDS\IPS that can handle one Gig Control Zed (Jun 07)
- Re: IDS\IPS that can handle one Gig Frank Knobbe (Jun 08)
- Re: IDS\IPS that can handle one Gig Terry Vernon (Jun 08)
- Re: IDS\IPS that can handle one Gig Vikram Phatak (Jun 06)
- RE: IDS\IPS that can handle one Gig Peter Schawacker (Jun 01)
- <Possible follow-ups>
- RE: IDS\IPS that can handle one Gig Palmer, Paul (ISSAtlanta) (Jun 01)
- Re: IDS\IPS that can handle one Gig Ed Gibbs (Jun 04)
- Re: IDS\IPS that can handle one Gig Bob Walder (Jun 04)
- Re: IDS\IPS that can handle one Gig Bob Walder (Jun 05)
- Re: IDS\IPS that can handle one Gig Per Engelbrecht (Jun 01)
- RE: IDS\IPS that can handle one Gig Prashant Khandelwal (Jun 01)