Firewall Wizards mailing list archives

RE: Vulnerability Scanners ( was: concerning ~el8 / project mayhem )


From: "Kalat, Andrew (ISS Atlanta)" <akalat () iss net>
Date: Thu, 22 Aug 2002 12:52:10 -0400


When users bypass technology controls, policies need to take 
over.  "Mr. Consultant, you're fired for taking deliberate 
action to bypass security controls and jeopardizing this 
corporation."

Ah, how I wish that were the case. :) So many companies I've seen it go
like this:

Security: Hey! You can't do that! You just violated the policies! HR,
get 'em!
Revenue Generating Employee (RGE): I needed to do it to help a customer,
go away.
RGE's Boss: Yeah, it was necessary. Geez, you security guys really don't
want us to be successful, do you?
HR: <silence>

So, I agree! 100%! Unfortunately a lot of companies don't, right or
wrong. So at least it's helpful to find it and get rid of it, even if
there are no consequences that give the policies any bite. Sure,
companies like that suck, but they are more plentiful than I care to
admit.

I likewise feel scanners, with constantly updated signatures, 
run regularly, can enhance the abilities of a security 
department.  Scanners should not be viewed as a replacement 
or a band-aid for missing security processes / procedures.

You got it. It's unfortunate if you find yourself in a company without
mature and enforced policies.




---------------------------------------------------------
Andrew J. Kalat,                | Direct:(404)236-2713 
                                  | Main:  (404)236-2600
Internet Security Systems, Inc. | E-Mail: akalat () iss net
6303 Barfield Road                | <http://www.iss.net/>
Atlanta, GA 30328                         | PGP key available.


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

