<HTML>
<HEAD>
<TITLE>Re: [Dailydave] Risk Management Services</TITLE>
</HEAD>
<BODY>
<FONT FACE="Verdana, Helvetica, Arial"><SPAN STYLE='font-size:12.0px'>Host Intrusion Detection Systems by their very nature require that they are deployed on each host to be monitored. That creates a scalability and management issue. IDS/IPS is centralized for the most part. You simply install an agent at the “focal” points of the network(s) and monitor all ingress and egress traffic. <BR>
<BR>
<BR>
On 4/2/07 11:23 PM, "C Q" <kyle.c.quest@gmail.com> wrote:<BR>
<BR>
</SPAN></FONT><BLOCKQUOTE><FONT FACE="Verdana, Helvetica, Arial"><SPAN STYLE='font-size:12.0px'>There's probably two reasons why nobody wants to buy HIDS...<BR>
First, which especially applies to Blink (made by eEye), it's<BR>
because it's unusable... I turned it off and uninstalled it<BR>
after using it for just a few minutes. Second, companies <BR>
rely on their significant investements in firewalls, IPSes,<BR>
application proxies, etc and they feel that they are protected<BR>
enough (I'm not saying that they are correct in their assumptions,<BR>
but that's what they usually think :-) ). <BR>
<BR>
Companies do, however, buy other types of host-based<BR>
"risk management systems" that try to protect their IP,<BR>
sensitive information, etc, which also helps them with compliance<BR>
(SOX,HIPAA,PCI,etc). <BR>
<BR>
On 4/2/07, <B>Dave Aitel</B> <dave.aitel@gmail.com> wrote:<BR>
</SPAN></FONT><BLOCKQUOTE><FONT FACE="Verdana, Helvetica, Arial"><SPAN STYLE='font-size:12.0px'>A HIDS shakeup? Sana takes in more money and Ross Brown gets fired from eEye's CEO all in the same day? I never can get anyone to buy HIDS. We often recommend it in our reports, but no company ever bites the bullet and does it. Perhaps when they think HIDS they think this: <a href="http://media1.break.com/dnet/media/content/pic2903.jpg">http://media1.break.com/dnet/media/content/pic2903.jpg</a> . <BR>
<BR>
I wanted to point out that Applied Security has posted the results from their shmoocon hacking contest (note that I come in last!). <BR>
<a href="http://www.appliedsec.com/conferences.html">http://www.appliedsec.com/conferences.html</a><BR>
<BR>
They've also got a server set up so everyone can play, which, I have to say, takes cojones. I guess that's the sort of thing you can do when you are a sponsor for GRSecurity. <BR>
<BR>
-dave<BR>
<BR>
<BR>
_______________________________________________<BR>
Dailydave mailing list<BR>
Dailydave@lists.immunitysec.com <a href="mailto:Dailydave@lists.immunitysec.com"><mailto:Dailydave@lists.immunitysec.com></a> <BR>
<a href="http://lists.immunitysec.com/mailman/listinfo/dailydave">http://lists.immunitysec.com/mailman/listinfo/dailydave</a><BR>
<BR>
</SPAN></FONT></BLOCKQUOTE><FONT FACE="Verdana, Helvetica, Arial"><SPAN STYLE='font-size:12.0px'><BR>
<BR>
<HR ALIGN=CENTER SIZE="3" WIDTH="95%"></SPAN></FONT><FONT SIZE="2"><FONT FACE="Monaco, Courier New"><SPAN STYLE='font-size:10.0px'>_______________________________________________<BR>
Dailydave mailing list<BR>
Dailydave@lists.immunitysec.com<BR>
<a href="http://lists.immunitysec.com/mailman/listinfo/dailydave">http://lists.immunitysec.com/mailman/listinfo/dailydave</a><BR>
</SPAN></FONT></FONT></BLOCKQUOTE><FONT SIZE="2"><FONT FACE="Monaco, Courier New"><SPAN STYLE='font-size:10.0px'><BR>
<BR>
</SPAN></FONT></FONT><FONT FACE="Verdana, Helvetica, Arial"><SPAN STYLE='font-size:12.0px'>-- <BR>
<BR>
Regards, <BR>
Adriel T. Desautels<BR>
Chief Technology Officer - Netragard, LLC<BR>
Office: 617-934-0269 || Mobile : 857-636-8882<BR>
<a href="http://www.linkedin.com/pub/1/118/a45">http://www.linkedin.com/pub/1/118/a45</a><BR>
<a href="http://www.netragard.com">http://www.netragard.com</a><BR>
-------------------------<BR>
"We make IT secure."<BR>
</SPAN></FONT>
</BODY>
</HTML>