[logs] Re: on database logging

From: Marcus J. Ranum (mjr@private)
Date: Wed Mar 21 2007 - 19:28:31 PST

Anton Chuvakin wrote:
>A huge improvement, isn't it?

I'm not trying to be a wiseass, but we've all heard of countless
"huge improvements" going on in computer security. Gargantuan
sums of money have been spent. Yet I see no sign whatsoever
of the situation improving, unless you're:
a) a security consultant
b) a pen tester
c) someone who sells compliance-mandated security products

Systems appear to be just as penetrable as they were 10 years
ago. Data appears to be just as exposed as it was 10 years ago
(it just shows up in the press now, whenever a customer database
is dumped). Organizations appear to be just as clueless about
what's going on in their networks as before. Etc.

Let's enjoy it while we can. But sooner or later the bean-counters
are going to come looking for all that return on security investment
and all we'll have to show them is....? Well - the constant stream
of disasters has to stop.


LogAnalysis mailing list

This archive was generated by hypermail 2.1.3 : Thu Mar 22 2007 - 08:36:40 PST