Monday, December 8, 2008

A few relevant articles

Bill Brenner has an interesting article over at CSO Online about Fortify's announcement of the "death" of Pen Testing (hey, aren't those the folks who trash Open Source software at least annually, and have those embarrassing "booth-babes" at conferences? Why, yes they are), and Alex Hutton posted his response to the idea on his Risk Analysis blog.

And, while at CSO I spotted this article on fighting piracy. Some good points, but I think that we may have simply grown too soft to deal with it effectively. Many people seem to have lost touch with the danger inherent in going to sea, and are unwilling to apply the needed harsh responses to maritime terror which will be required to control the problem. By the way, it would be grossly oversimplifying the issue to blame containerization, but when large crews of men manned ships to load and unload the cargo, this kind of small-crew piracy would have been a lot harder to perform.

 

Jack

1 comment:

Tim Cronin said...

Interesting quote, taken somewhat out of context:

"Kevin Riggins, a senior information security analyst for a company in the Des Moines, Iowa, area, said it's hard to argue with Chess' premise that the goal should be fewer failures."

Seems this whole "is Pen Testing 'Dead'" debate surrounds your Failure of Investment metric.

*If it fails, it can't fail again