funsec mailing list archives
RE: Re: The AV.
From: "Young, Keith" <Keith.Young () montgomerycountymd gov>
Date: Mon, 20 Mar 2006 15:22:25 -0500
We live in a capitalist society. If you can make an AV that's ten
times
better than existing products, and ten times cheaper, then I really
cannot
imagine why you haven't done so. The reason why it hasn't happened, is *not* because the AV companies
don't
want to. It's because they don't know how to - and neither do I.
No, it is because solving the issue cannot be done by any type of anti-virus or IPS product. Sometime in the past 15 years, everyone in the security industry has gotten lazy. Instead of defining how our data is accessed/moves across our network (baseline), and then restricting only what is necessary to do our jobs (default deny), we are trying to throw a bunch of technologies such as IPS/data classification/AV/etc software (default permit) as an easy way to "secure" our networks. Dr. Solomon, as you have stated before, we will only change to Grannyx when [the cost of security incidents plus the cost of the default permit technologies] is greater than [the cost of baselining then implementing default deny]. Until that happens, we will all be fighting a losing battle. PS. For those wanting a good read, check this out: <http://www.ranum.com/security/computer_security/editorials/dumb/index.h tml> --Keith Keith Young, Security Official Department of Technology Services Montgomery County, Maryland phone - (240) 777-2955 _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RE: Re: The AV. Young, Keith (Mar 20)