I've been working too much and blogging too little, so here it comes: a blogging frenzy!!! Let's start!
Mike reminds us all about the "inevitability of compromise" here: "This year I want to focus on the inevitability of compromise. [...] I mean the fact that your users will do something stupid and thus they will get 0wned and that means your environment will be compromised. Nowadays, it’s just too easy to get nailed. The users don’t have to do anything. The bad guys are now installing drive-by downloads on LEGITIMATE sites."
Do you know what it means? This means logs! Yes, logs!
Mike further clarifies: "... monitoring logs, netflow, and other stuff (like database logs, applications, transactions) is critical to figure out what you should be focusing on."