IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Gartner is Dead, nCircle, Fusion, asset-correlation--was-->False positives, negatives and don't cares

From: "Anton A. Chuvakin" <anton () chuvakin org>
Date: Wed, 20 Aug 2003 16:19:02 -0400 (EDT)
All,


3. Asset Valuation: create a combined asset value (CAV) metric based upon
#2.

This is all very nice, but one of the major challenges here is that this
"value" is inherently manual input (or computable from manual input).
What's even worse, even the code to "program a human" to define such
values manually is not written yet :-) Its just too fuzzy. Once, for
example, I've heard an opinion that some BCP score or whatever can be used
there, but even this turned out to be ineffective.

Thus while some solutions do have the value field (such as for use in
various risk assessment algorithms), I suspect few of the users actually
define it.

Best,
-- 
  Anton A. Chuvakin, Ph.D., GCI*
     http://www.chuvakin.org
   http://www.info-secure.org


---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, 
VA; the world’s premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symanetc is the Diamond sponsor.  Early-bird registration ends September 6 Visit: www.blackhat.com
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: