Thursday, September 27, 2012

The replacement security analyst's Top 10

I'm a huge football fan so the depth of my joy at the return of the "real" NFL referees cannot be measured. Given the replacement ref debacle I felt compelled to share a replacement security analyst's Top 10.
Note: at one time or another in my career I have truly heard all of these.
In no particular order...

  1. Disable AV altogether, its inconvenient when moving malware samples around.
  2. Passwords longer than eight characters make it hard to do your job.
  3. Don't worry about chain of custody or evidence integrity, cases rarely go to court anyway.
  4. When a concerned user calls about a potentially compromised system, tell them to just run McAfee Stinger.
  5. Why would you want to keep DNS logs?
  6. Go ahead and give developers the ability to deploy code to straight to production from their desktops. It helps them be agile and creates efficiency.
  7. Proxying egress web traffic is an invasion of privacy and makes users mad, so don't do it.
  8. Your vulnerability scanner is causing my service to crash! Turn it off!
  9. We don't need to fix XSS. You can't hack a server with it.
  10. But it is encrypted. We used MD5 hashing to store the credit cards in the database.
In a similar vein, you'll really enjoy Infosec Reactions if you haven't already seen it.
Welcome back, NFL refs. :-)

No comments:

Moving blog to

toolsmith and HolisticInfoSec have moved. I've decided to consolidate all content on one platform, namely an R markdown blogdown sit...