Dailydave mailing list archives

Re: Twitter: (verb) to fail under exponential growth


From: "Paul Melson" <pmelson () gmail com>
Date: Wed, 2 Jul 2008 10:18:46 -0400

> My thought is this, to avoid getting into the specifics that annoy
> everyone: People tend to think they can "manage" their networks or their
> application security, but their management skills are scaling linearly
> and the problem is scaling exponentially and they can only throw money
> at it for so long. When people talk about a "self-healing network" what
> they mean is "we can't afford to manage exponentially growing problems -
> those problems have to manage themselves".

You can (and, for the foreseeable future, will) continue to "throw money" at
it for as long as your organization needs IT to function.  There is no
financial failure point for security today.  There's no point at which the
CFO and the auditors come down and unplug the [web application] firewall and
say, "Why bother?  No security is cheaper than some security."  

When people buy concepts (and the underlying products) like "self-healing"
networks, what they really mean is, "we're technologists, and we believe in
automation over staffing."  It's natural enough, but as you point out, it
doesn't tend to work well, and never has.


> Of course, Immunity does offense, not defense, and I'm having to
> translate here from my native language. Where you want a self-healing
> network, we are creating a self-attacking network, and so on. Having
> looked at the problem of exponential growth from the attacker's side,

The same goes for this.  Automated attacks are efficient, but against the
same target, their value quickly declines over time.  I can only assume that
the same will be shown true for automated code analysis.  I envision a
future where "Direct Use of Threads" is the new "ICMP timestamp replies from
router" finding. :-)  

PaulM



_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

