Educause Security Discussion mailing list archives
Re: Security Metrics
From: Mike Lococo <mike.lococo () NYU EDU>
Date: Mon, 5 Nov 2007 11:08:31 -0500
http://www.amazon.com/Security-Metrics-Replacing-Uncertainty-Doubt/dp/0321349989 Has any read this? Any interesting reviews?
Richard Bejtlich of Network Security Monitoring fame has a very positive review on Amazon.com, and has also been doing a moderately interesting series of posts at his website taosecurity.com. Link to Amazon review: http://www.amazon.com/review/R2MKJYGLYTZKEJ
I think Jacquith makes a bit too much of the "you can't improve what you can't measure" mantra...
I might rephrase this as "You can't know you're making an improvement unless you're measuring performance". It's not surprising that Bejtlich signs on to such a premise, since it's a very logical extension of the NSM mantra that you can't defend a network you don't understand. Thanks, Mike Lococo
Current thread:
- Security Metrics Wes Young (Nov 03)
- <Possible follow-ups>
- Re: Security Metrics Karen Duncanson (Nov 04)
- Re: Security Metrics Lovaas,Steven (Nov 04)
- Re: Security Metrics Mike Lococo (Nov 05)
- Re: Security Metrics Wes Young (Nov 06)