The replacement security analyst's Top 10

I'm a huge football fan so the depth of my joy at the return of the "real" NFL referees cannot be measured. Given the replacement ref debacle I felt compelled to share a replacement security analyst's Top 10.
Note: at one time or another in my career I have truly heard all of these.
In no particular order...

  1. Disable AV altogether, it's inconvenient when moving malware samples around.
  2. Passwords longer than eight characters make it hard to do your job.
  3. Don't worry about chain of custody or evidence integrity, cases rarely go to court anyway.
  4. When a concerned user calls about a potentially compromised system, tell them to just run McAfee Stinger.
  5. Why would you want to keep DNS logs?
  6. Go ahead and give developers the ability to deploy code straight to production from their desktops. It helps them be agile and creates efficiency.
  7. Proxying egress web traffic is an invasion of privacy and makes users mad, so don't do it.
  8. Your vulnerability scanner is causing my service to crash! Turn it off!
  9. We don't need to fix XSS. You can't hack a server with it.
  10. But it is encrypted. We used MD5 hashing to store the credit cards in the database.

In a similar vein, you'll really enjoy Infosec Reactions if you haven't already seen it.
Welcome back, NFL refs. :-)

