According to this article, nearly 80 percent of security products failed to perform as intended when first tested and generally required two or more cycles of testing before achieving certification, according to a new ICSA Labs report. Having lived my prior professional life "in the belly of the software development beast" I can only say, 'Wow, 20% actually worked as advertised?"
The other interesting finding included in the report was that 44 percent of security products had inherent security problems. Security testing issues range from vulnerabilities that compromise the confidentiality or integrity of the system to random behavior that affects product availability.
Things to keep in mind (and ask pointed questions about) the next time a security systems vendor comes calling.
Cheers,
Dave
Subscribe to:
Post Comments (Atom)
About Me
- DaveAtFraud
- B.Sc. ('78) and M.Sc. ('80) in Math from Ohio State followed by 12 yrs at TRW and a variety of software development positions since then. Currently living in Colorado and enjoying "trial retirement". For fun I climb mountains in the summer and ski down them in the winter, fix gourmet food and have an excellent wine cellar.
Ok, so which ones really worked?
ReplyDelete