Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] [WEB SECURITY] comparing information security to o

from [Will Jefferies] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] [WEB SECURITY] comparing information security to other industries
Date: Tue, 19 Dec 2006 15:02:03 -0600 
That's a tough question to address.  I don't think the security industry
will achieve perfection no more than the other industries you listed.

Like the other disciplines, research continues, but so do the evolution
of threats.  Construction and engineering is plagued with their own set
of challenges that must be overcome.

Buildings can be engineered and constructed with a high degree of
confidence, but a good, strong storm or earthquake can still bring them
down.  Security is the same in that sense.

We can evolve our knowledge and implementations, but a good, strong
storm (or careless error) can bring it all down :-)

 

My 0.02

 

Will

 

________________________________

From: KT [mailto:ktriv3di@msn.com] 
Sent: Tuesday, December 19, 2006 2:16 PM
To: full-disclosure@lists.grok.org.uk; websecurity@webappsec.org
Subject: [WEB SECURITY] comparing information security to other
industries

 

So we have been dealing with information security from last 20 years and
still the world is at large lost. We still see banks vulnerable to
trivial XSS attacks and software broken by buffer overflows. How do we
compare to other industries like construction, engineering, finance?
What I am trying to figure out is how mature we are and how long will it
take for to get stable?

Confidentiality Notice: This message is for the sole use of the intended 
recipient(s).
It may contain confidential or proprietary information and may be subject to the
attorney-client privilege or other confidentiality protections. If this message 
was
misdirected, neither FNC Holding Company, Inc. nor any of its subsidiaries 
waive any
confidentiality, privilege, or trade secrets. If you are not a designated 
recipient,
you may not review, print, copy, retransmit, disseminate, or otherwise use this 
message. 
If you have received this message in error, please notify the sender by reply 
e-mail 
and delete this message.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] comparing information security to other industries, Valdis . Kletnieks
Next by Date:  Re: [Full-disclosure] comparing information security to other industries, coderman
Previous by Thread:  Re: [Full-disclosure] [WEB SECURITY] Re: comparing information security to other industries, coderman
Next by Thread:  Re: [Full-disclosure] comparing information security to other industries, Nancy Kramer
Indexes:  [Date] [Thread] [Top] [All Lists]