IDS mailing list archives
Re: amount of alarms generated by IDS
From: nick black <dank () suburbanjihad net>
Date: Tue, 25 May 2004 05:39:45 +0000 (UTC)
On 2004-05-22, Stefano Zanero <stefano.zanero () ieee org> wrote:
The thing that amazes me is the total lack of detail about how "normal" and "not normal" patterns of usage are defined and detected. I can understand that the exact details of the implementation are a trade secret, but being actively involved in research on anomaly detection topics, I'd like to hear some details from vendors on these technologies, at least identifying in general terms the class of algorithms they are using.
Absolutely! I would argue that a vendor refusing to share some depth regarding these matters isn't worth buying from, especially given the prices we're talking about. For that same reason, we've maintained a purely open-source underbase throughout development -- trust in the components essential to our ambitions requires some translucence. I can't speak for our official, current sales practices (or competitors' at any time), but I have been called in to discuss methodologies with several customers. I'm surprised when this diligence is omitted, not to say I'm unhappy left alone to merrily code :). -- nick black <dank () reflexsecurity com> "np: nondeterministic polynomial-time the class of dashed hopes and idle dreams." - the complexity zoo --------------------------------------------------------------------------- ---------------------------------------------------------------------------
Current thread:
- Re: amount of alarms generated by IDS, (continued)
- Re: amount of alarms generated by IDS Dennis Cox (May 11)
- Re: amount of alarms generated by IDS Jason (May 13)
- RE: amount of alarms generated by IDS Frank Knobbe (May 11)
- Hi, I want to study IPS cto (May 11)
- RE: Hi, I want to study IPS Shawn (May 13)
- Re: amount of alarms generated by IDS Andy Cuff (May 11)
- Re: amount of alarms generated by IDS nick black (May 14)
- Re: amount of alarms generated by IDS Stefano Zanero (May 22)
- Re: amount of alarms generated by IDS nick black (May 25)