Post from Anton Chuvakin, commenting a post from another blog, is one of those to hang on the wall. The posting that he talks about got a point when it says that there are lots of people trying to follow best practices and standards instead of doing real security. I think it's partially right. If the process is lacking intelligence it won't work anyway. And I agree that there are some "best practices" that are not so
Best Practices?
Best Practices?
Best Practices?
Post from Anton Chuvakin, commenting a post from another blog, is one of those to hang on the wall. The posting that he talks about got a point when it says that there are lots of people trying to follow best practices and standards instead of doing real security. I think it's partially right. If the process is lacking intelligence it won't work anyway. And I agree that there are some "best practices" that are not so