The industry would self-correct pretty quickly if customers weren't satisfied with their contractor firing off a quick Nessus scan, and handing this year's report off along with the bill. A lot of companies don't WANT to know they are vulnerable, because of the shitstorm it causes.
On Jan 7, 2012 3:38 PM, "Laurelai" <[email protected]> wrote:

> On 1/7/12 5:31 PM, Ferenc Kovacs wrote:
>> On Sun, Jan 8, 2012 at 12:03 AM, Laurelai <laurelai@...
>
> Because they pay the kids to own them in a safe manner to show that their so-called experts are full of shit, then they fire said experts and hire competent people, saving time, money and resources. Try and remember the guys with the certs are the ones getting owned by the skiddies with sqlmap, so that should show you how broken the infosec industry is. Want to fix it? Start by hiring the skids, because they are still more competent than the guys they are owning. If that one gets owned, you hire the guy who owned him, etc... until you actually have to know what the hell you're doing to be in infosec. Use a Darwinian approach to the industry.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
