August 14, 2003
Why Security Products Rarely Solve The Problem
Security products are useful when they enhance an organization's control over information flows and system reliability. Products that filter or otherwise pick out malicious behavior are only useful as alarm systems if the number of false alarms (false positives in industry-speak) is small.
Wired has just run a story written by a woman who spent some time working as a baggage screener for the TSA. Her experience demonstrates the problems with scanning in the physical world. Unfortunately, scanning network traffic often produces similar amounts of false positive alerts.Posted by Abner on August 14, 2003 09:43 AM | TrackBack