« FX on Attack Surface of Modern Applications | Main | Minnesec rises from ashes »

Comments

Richard Bejtlich

Related idea -- intrusion debt.

Andre Gironda

Oh dood, you totally forgot that Cloud computing can utilize AV! The Cloud is saved!!

jOHN

Gunnar,

As I commented last time in person. I believe you have to add "Application Firewall" to the list of protections security vendors have cooked up. The addition serves the purpose of showing that the security industry THINKS it's made an evolutionary jump away from network-only security (it's an 'application' firewall after-all).

Yet, anyone reading this blog will snicker at the absurdity of this control. Analyzing the data for content does little against even tired web-attacks when the tools get messed up by switching the order of URL parameters, when they can't be deployed to monitor/protect SSL connections with any reasonable performance, when the extent of their rule languages reduce to 'grep' and they can't handle analysis across requests in a stateful connection.

The comments to this entry are closed.