[Dailydave] Risk Management Services
Adriel T. Desautels
adriel at netragard.com
Tue Apr 3 14:33:19 EDT 2007
Host Intrusion Detection Systems by their very nature require that they are
deployed on each host to be monitored. That creates a scalability and
management issue. IDS/IPS is centralized for the most part. You simply
install an agent at the ³focal² points of the network(s) and monitor all
ingress and egress traffic.
On 4/2/07 11:23 PM, "C Q" <kyle.c.quest at gmail.com> wrote:
> There's probably two reasons why nobody wants to buy HIDS...
> First, which especially applies to Blink (made by eEye), it's
> because it's unusable... I turned it off and uninstalled it
> after using it for just a few minutes. Second, companies
> rely on their significant investements in firewalls, IPSes,
> application proxies, etc and they feel that they are protected
> enough (I'm not saying that they are correct in their assumptions,
> but that's what they usually think :-) ).
>
> Companies do, however, buy other types of host-based
> "risk management systems" that try to protect their IP,
> sensitive information, etc, which also helps them with compliance
> (SOX,HIPAA,PCI,etc).
>
> On 4/2/07, Dave Aitel <dave.aitel at gmail.com> wrote:
>> A HIDS shakeup? Sana takes in more money and Ross Brown gets fired from
>> eEye's CEO all in the same day? I never can get anyone to buy HIDS. We often
>> recommend it in our reports, but no company ever bites the bullet and does
>> it. Perhaps when they think HIDS they think this:
>> http://media1.break.com/dnet/media/content/pic2903.jpg .
>>
>> I wanted to point out that Applied Security has posted the results from their
>> shmoocon hacking contest (note that I come in last!).
>> http://www.appliedsec.com/conferences.html
>>
>> They've also got a server set up so everyone can play, which, I have to say,
>> takes cojones. I guess that's the sort of thing you can do when you are a
>> sponsor for GRSecurity.
>>
>> -dave
>>
>>
>> _______________________________________________
>> Dailydave mailing list
>> Dailydave at lists.immunitysec.com <mailto:Dailydave at lists.immunitysec.com>
>> http://lists.immunitysec.com/mailman/listinfo/dailydave
>>
>
>
>
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
--
Regards,
Adriel T. Desautels
Chief Technology Officer - Netragard, LLC
Office: 617-934-0269 || Mobile : 857-636-8882
http://www.linkedin.com/pub/1/118/a45
http://www.netragard.com
-------------------------
"We make IT secure."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.immunitysec.com/pipermail/dailydave/attachments/20070403/fd944377/attachment-0001.htm
More information about the Dailydave
mailing list