Dailydave mailing list archives
"Specialization is for insects" - Heinlein
From: Dave Aitel <dave () immunityinc com>
Date: Mon, 10 Mar 2008 11:18:31 -0400
It's interesting the tension between generalism and specialism in information security. For example, we hire consultants who are generalists. Essentially you have to show up at a client in a suit with a body of security knowledge, and learn as quickly as possible how it affects their particular technology, be it Citrix, .Net 3.0, J2EE with Beans, Ruby on Rails, or a DG-UX based system built internally to the client and never exposed to cold air. It's a how-fast-can-you-learn-new-stuff-and-break-it game.

But when it comes to technology, I think it's valuable to specialize. Immunity Debugger is a disassembler and debugger that ONLY does Vulnerability Analysis. That's it. It does it in user-space on Win32 and it does it better than anything else out there (IMHO).

Lately with CANVAS we've started to see traction with partners who specialize. Doing client-side attacks against a target who wants to know their real risk? You probably want to use Gleg's RealPlayer attacks. Attacking an application hosted on Citrix? You probably want to use the D2Sec pack. (It's what we're using this week. We do eat the dogfood we re-sell!)

I find that an over-reliance on generalized scanners is tending to go against the technology gradient. How is a SOAP testing tool going to help you when the server only accepts application/soap+msbin1 format (aka MC-NBFS)? How is a network scanner (with exploits or without) designed for banks going to help your hotel business?

Anyways, it's something I'm thinking about, and no doubt a lot of other people on the list too. I wanted to throw it out there: What kind of generalized scanner features can we build that would allow you to build the specialized scanner that actually helps your business?
If you want to see CANVAS or SILICA live we have a few conferences coming up:

March 13-14, 2008 SOURCE Boston http://www.sourceboston.com/
March 26-28, 2008 CanSec West - Vancouver http://www.cansecwest.com/
April 7-11, 2008 RSA - San Francisco http://www.rsaconference.com/2008/US/Home.aspx
April 14-17, 2008 HITB - Dubai http://www.hackinthebox.org/

-dave