« Dubya: "I Am Bias and I am Not Bias, It’s The Right Strategy……"
Silverlight Broadcasts TV: It Really is Getting That Good Now, But Also Painful »

Now That’s a Novel Way to Kill the FUD

Static Analysis Tools Exposition (SATE). If these guys would do this on other tool classes I think we could breakdown some more security religion and get back to creating pragmatic solutions to real problems. Wow, the first two rants ever on my blog each within a few minutes, strange day.

Explore posts in the same categories: Security Bullshit, Security Industry

This entry was posted on February 17, 2008 at 10:14 pm and is filed under Security Bullshit, Security Industry. You can subscribe via RSS 2.0 feed to this post's comments. You can comment below, or link to this permanent URL from your own site.

One Comment on “Now That’s a Novel Way to Kill the FUD”

  1. Andre Gironda Says:
    February 20, 2008 at 12:40 am

    You mean like AV-Comparatives.org ?

    Or like Larry Suto’s paper on web application security scanners?

    Also, I would like to note that SATE is not about benchmarking or comparing the products, it’s just to see if they work or not and to improve the SATE and SRD programs at SAMATE.

    The most interesting part is that it seems that NIST has allowed Aspect Security to bring a real, live person in for the testing. I told you it wasn’t a fair benchmark or comparison!

    Also - Armorize appears to be missing. I think they are the only ones focused on only web application security or any specific field of testing.

Comment: