Security in the Real World: How to Evaluate Security Technology
Computer Security Journal, v 15, n 4, 1999, pp. 1-14.
The following remarks are excerpted from a general session presentation delivered at CSI's NetSec Conference in St. Louis, MO, on June 15th, 1999.
At Counterpane Systems, we evaluate security products and systems for a living. We do a lot of breaking of things for manufacturers and other clients. Over the years, I've built a body of lore about the ways things tend to fail. I want to share my "top 20 list" of what's wrong with security products these days.
Categories: Miscellaneous Papers