On Thu, 11 Mar 2004, Baldwin, James wrote:
I applaud the idea of a outsourced department that will manage the denial of service, and "hordes of script kiddie" (nod to Ranum) problems that plague modern networks. Anything that keeps me from being distracted from more interesting lines of thought, rather than constantly following up on outside nuisances is a Good Thing (tm).
There are hundreds of managed security providers which happily take your money, analyze your firewall and other security logs, monitor "underground" sources, notify service providers on your behalf, etc. There a many "black lists" operated by for-profit and non-profit organizations which will block not only the compromised computer, but also hundreds of other computers to "get the attention" of people. Most are reputable. But the security industry is full of puffery like home alarm companies promising their customers "armed response." "Armed response" may be armed, but its doubtful they will go charging into your house with guns blazing when your house alarm goes off. This company's P.R. firm has succeeded in getting people talking about a company without a released product. I suspect when they finally do release their product, it will be much less than the hype. Perhaps people could recommend some managed security firms with good reputations. Unfortunately, the best ones also seem rather dull. They understand there are no magic solutions and don't pretend to have "secret sauce." It just basic hard work.