I was going back through my archived reading material the other day and I came across some articles I thought were excellent several months ago..in fact I still do. It's what I think is required reading if you're a enterprise manager trying to make sense of your security and identity architecture.
Noal Eppem, a security analyst, wrote a long article this past spring titled "Security Absurdity: The Complete, Unquestionable and Total Failure of Information Security". He methodically notes each area where security is failing against modern attacks. I agree with his observations.
Then there is the voice of wisdom from one of the original inventors of the proxy firewall, and founder of a number of security firewall and IDS companies, Markus Ranum. Markus is a man who doesn't mince words. He too, like Noal, is pretty depressed about the current state of IT security. I strongly recommend two of his articles:
Computer Security: An utter failure (scroll down the page and look for his "new stuff" then select the link under "Utter Failure".
What is "deep inspection"?, written in 2005 is an excellent history of firewall, AV, IDS and IPS development.
Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com
del.icio.us