From: Robert (immunitydyadsecurity.com)
Date: Tue Apr 11 2006 - 07:31:15 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 10 Apr 2006 19:01:12 +0100
"Dave Korn" <dave.kornartimi.com> wrote:
> Now, if you were talking about the majority of sigma(attack frequency *
> attack seriousness), i.e. if you're talking about a weighted majority, I could
> get that. So, maybe you mean the majority of *successful* attacks in the
> wild, or the majority of *newly-emerging* attacks in the wild, or
> *non-trivial* attacks, or .... ? Or am I just not seeing the angle you're
> coming from?

Can't speak for Dave, but I believe he was saying it's really hard to quantify something that can't be measured. If you don't know what the attack looks like, you can't measure how often that attack happens. The vocal folks in the US security industy seem to talk mostly about well known vulnerabilities that are used in large scale automated attacks. This is why anti-virus/ids/ips/fw products sell well. We have very few people talking about solutions for targeted attacks.

I've had a conversation on another forum:
http://spiresecurity.typepad.com/spire_security_viewpoint/2006/03/somebody_forgot.html
http://spiresecurity.typepad.com/spire_security_viewpoint/2006/03/why_bugfinding_.html
http://spiresecurity.typepad.com/spire_security_viewpoint/2006/03/more_on_bugfind.html

Oh, also of note... the "guy" ("guy" term found in story at http://blog.washingtonpost.com/securityfix/2006/04/multios_virus_emerges.html) is Anthony de Almeida Lopes of Dyad Security . You can read more about what he's really talking about here: http://www.recon.cx/en/s/alopez.html

Robert

--
Robert E. Lee
CIO, Dyad Security, Inc.
W - http://www.dyadsecurity.com
E - robertdyadsecurity.com
M - (949) 394-2033

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]