Does anyone have any whitepapers, resources, or even blog posts about the case for or against third-party managed security services? I'm not opposed to biased whitepapers such as a case for MSSPs from someone who offers the service, but I would prefer something that takes a step back and sees both sides. Rambling/ranting is ok, as are mailing list threads if I happened to miss something here or elsewhere. For some background, I'm not the biggest fan of managed security because of my own interest in security; I don't want someone else watching my alerts and making guesses for me. But I do realize for some organizations (such as those lacking in-house security staff/expertise), it might be the best option. I'm just looking for some opinions and viewpoints so I can advise "a buddy," beyond just my own thoughts. This could be revolving around DLP, IPS (both host and network), and SEIM/SIM products pulling in system and network logs/events. Thanks!
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
