RE: [WEB SECURITY] Re: perfect security architecture (network)

["Andre Maisonneuve" <Andre.Maisonneuve@xxxxxxxxxxxx>]

There was no mention about "investment of money" in my comments. It is not exact to assume application to application security is costing a lot of money! It is in fact conducive to significant savings!

André


-----Original Message-----
From: C0BR4 [mailto:cobradead@xxxxxxxxx] 
Sent: 8 août 2005 23:47
To: websecurity@xxxxxxxxxxxxx
Subject: [WEB SECURITY] Re: perfect security architecture (network)

Hi All,

thank you for all you comments!!!!!.security professionals say they
have good security policy,product developers say they have the best
firewall,IDS,IPS,etc....


if 75% of attacks are based on application vulnerabilities,and if my
firewall doesn't protect my network,my IDS/IPS doesn't detect zero day
attacks .

I think their is no point investing so much money on security
products. open source products can do the trick(IPTABLES,SNORT).

steps to security..

1.educate the end user abt security essentials.
2.don't buy pirated software
3.regular security audit of the network and host systems.
4.regular backups.
5.good management to support ur security team.


and .......




thank you
C0br4

---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/


---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/