Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Incident investigation methodologies

From: "Tim Hollebeek" <tholleb () teknowledge com>
Date: Thu, 10 Jun 2004 10:40:42 -0700


Harlan Carvey wrote:


As do I.  And I also think that it would greatly
benefit the community, by moving us beyond the
stagnation faced by phrases like "...but a hacker
could...".  Some small degree of paranoia...perhaps
"caution" is a better term...is necessary in the
security profession, as no one person can know
everything there is to know.  However, many of us
working together can know quite a lot...


I remember I was in the office of the head of a
security consulting group, and on his whiteboard was
a list of quotes including "Trust Nothing".  I asked
him if he really believed it, since after all you
always have to trust SOMETHING, if only just a little.

He smiled, and shrugged, and said the customers like
to hear it.
Previous By Date Next
Previous By Thread Next

Current thread: