At 1:47 PM -0500 12/2/08, Andrew van der Stock wrote:
> Hi James,
> 
> You're absolutely correct - trying to come up with countermeasures for
> 730+ issues is crazy. It's much better to have valid controls for the
> minimum number of things that must be done right, and if they are,
> then hey presto, attacks using one or more of those 730+ vulnerability
> classifications either do not work, do no-to-little damage, or maybe
> even trigger an intrusion escalation procedure.

Some of the very important control requirements for 800-53,
8500.2 and PCI DSS have to do with Auditing.  Even if some
irregularity is caused by malfunctioning software rather
than by malicious behavior, having auditing enabled is
crucial to figuring out what _is_ going on.
-- 
Larry Kilgallen
_______________________________________________
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________