Security Basics mailing list archives
Re: Threat prevention and pro-active open source monitoring
From: John Doe <security.department () tele2 ch>
Date: Mon, 7 Feb 2005 19:39:27 +0100
Am Freitag, 4. Februar 2005 19.59 schrieb Chris Naegelin:
Can anyone point me in the right direction for any software products or vendors that might do this sort of thing: We want an intelligent agent or a group of agents to search and archive various parts of the web / chat rooms / usenet groups based on specific content which could be threatening to an organization. To be more precise: A discussion initiates on a newsgroup about a possible vulnerability in our software product or website. The agent happens to monitor this newsgroup and detects the conversation as a potential threat and thus creates a report.
I'd say that an _intelligent_ agent would not identify such a discussion as a threat to your organisation but tell you to take the discussion as a chance to improve your product, since it may be a threat to your customers using your (possibly insecure) product.
I've seen this sort of thing being called "open source monitoring" and may even fall under "brand protection"
Is it possible that you are more interested in suppressing discussions about security holes in your software than make it more secure?
[...]
Just my nooby opinion.
Current thread:
- Threat prevention and pro-active open source monitoring Chris Naegelin (Feb 07)
- Re: Threat prevention and pro-active open source monitoring John Doe (Feb 09)
- <Possible follow-ups>
- Re: Threat prevention and pro-active open source monitoring miguel . dilaj (Feb 09)