Showing posts from September, 2012

The replacement security analyst's Top 10

I'm a huge football fan so the depth of my joy at the return of the "real" NFL referees cannot be measured. Given the replacement ref debacle I felt compelled to share a replacement security analyst's Top 10.
Note: at one time or another in my career I have truly heard all of these.
In no particular order...

Disable AV altogether, its inconvenient when moving malware samples around.Passwords longer than eight characters make it hard to do your job.Don't worry about chain of custody or evidence integrity, cases rarely go to court anyway.When a concerned user calls about a potentially compromised system, tell them to just run McAfee Stinger.Why would you want to keep DNS logs?Go ahead and give developers the ability to deploy code to straight to production from their desktops. It helps them be agile and creates efficiency.Proxying egress web traffic is an invasion of privacy and makes users mad, so don't do it.Your vulnerability scanner is causing my service to c…

toolsmith: SearchDiggity - Dig Before They Do