Or you could have fun breaking it into 1000 little pieces. Steel post security.
John On Fri, Oct 23, 2009 at 6:34 AM, <[email protected]> wrote: > I am notoriously bad at picking up on sarcasm over email, especially > lacking the appropriate <sarcasm> tag, but are you seriously suggesting > tailoring the testing to only highlight the features that you know work? I > can understand wanting to demonstrate what would get caught, but the real > value of testing this system is to find out where the weakness exist so that > appropriate controls can be added to reduce those risks. The testing > methodology should be expansive enough to use as education for the idiots. > > > On Oct 22, 2009 2:14pm, Chris Merkel <[email protected]> wrote: > > I agree with Ron - DLP is an "idiot screen" and is useful for little > > > > more. Therefore, your testing methodology should be to emulate idiots > > > > and nothing more. (and educate any idiot who thinks it will solve your > > > > leakage issues.) > > > > > > > > > > > > > > > > On 10/22/09, xgermx [email protected]> wrote: > > > > > Create a small TrueCrypt container, copy sensitive files to container, > copy > > > > > container to usb or email container. > > > > > > > > > > On Thu, Oct 22, 2009 at 10:38 AM, Brian Schultz > > > > > [email protected]>wrote: > > > > > > > > > >> Our security department is testing out Symantec's Vontu and I am > playing > > > > >> the guinea pig and have to try and get documents out of our company's > > > > >> environment. I have a really basic understanding of how it works. It > has a > > > > >> span port sitting and listening to all outgoing web traffic and there > is > > > > >> also an agent that sits on desktops and watches to see if any > sensitive > > > > >> information leaves via USB drive or e-mail. > > > > >> > > > > >> Does anyone have any whitepapers or info regarding how it actually > works > > > > >> or > > > > >> any tactics I should try? > > > > >> > > > > >> _______________________________________________ > > > > >> Pauldotcom mailing list > > > > >> [email protected] > > > > >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > > > > >> Main Web Site: http://pauldotcom.com > > > > >> > > > > > > > > > > > > > -- > > > > Sent from my mobile device > > > > > > > > - Chris Merkel > > > > _______________________________________________ > > > > Pauldotcom mailing list > > > > [email protected] > > > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > > > > Main Web Site: http://pauldotcom.com > > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
