WebApp Sec mailing list archives
RE: Threat Modelling
From: "Runion Mark A FGA DOIM WEBMASTER(ctr)" <mark.runion () us army mil>
Date: Mon, 24 May 2004 17:13:12 -0000
Interesting discussion and I would agree. There is no single tool that can or will be able to operate on the high or low level of risk assessment or IT and Network Security. However, have you considered that this is why there exists a job field called IT and Network Security Specialist, and one of their primary tasks is Risk Assessments. If you really need this job done rather than buying some incomplete tool...how about hiring a person whom is trained and has experience in precisely this. Not doing so and trusting to tools or wizards is like asking if Microsoft has created a wizard to replace a programming team. But can't we just pay you for a wizard that will replace 10 programmers? The devil is in the details. <- Nice quote, thanks. - Mark Runion To: webappsec Subject: RE: Threat Modelling <snip> <snip>
Current thread:
- RE: Threat Modelling, (continued)
- RE: Threat Modelling brennan stewart (May 22)
- RE: Threat Modelling Mark Curphey (May 22)
- Re: Threat Modelling Frank O'Dwyer (May 23)
- RE: Threat Modelling Mark Curphey (May 23)
- Re: Threat Modelling Frank O'Dwyer (May 23)
- RE: Threat Modelling Mark Curphey (May 22)
- RE: Threat Modelling brennan stewart (May 23)
- Re: Threat Modelling mfranz (May 23)
- Code Signing Certificate & Chat software george eapen (May 26)
- RE: Threat Modelling brennan stewart (May 22)
- Re: Threat Modelling Frank O'Dwyer (May 25)
- Re: Threat Modelling Frank O'Dwyer (May 25)