[OWASP-Raleigh, NC] November humor and point-and-click security

Enders, Hans hans.enders at hp.com
Fri Nov 13 10:49:51 EST 2009


1.  As a follow-up to yesterday's discussion on alternative thinking for security, I wanted to share this classic thought from XKCD, the $5 wrench:   http://xkcd.com/538/

2.  (attachment)  One of my counterparts recently posted a series on clients who just want point and click security.  So I drew up the attached image to mock the concept.  I think this topic could make an interesting meeting in the future:  "How and why app security is difficult, and how people are streamlining it."

This series of posts answers the question "Can't I just point-n-click?" from the perspective of an advisor ...seeking to teach a customer why it's not realistic for them to seek to purchase a web app scanner tool that will "do all the work for you" ...  Full disclosure: I work for this part of HP.

Automated Security Testing - Can't I just point-n-click?  (Part 1): http://www.communities.hp.com/securitysoftware/blogs/rafal/archive/2009/10/16/security-testing-can-t-i-just-point-n-click.aspx
Automated Security Testing - Can't I just point-n-click?  (Part 2): http://www.communities.hp.com/securitysoftware/blogs/rafal/archive/2009/10/16/automated-security-testing-can-t-i-just-point-n-click-part-2.aspx
Automated Security Testing - Can't I just point-n-click?  (Part 3): http://www.communities.hp.com/securitysoftware/blogs/rafal/archive/2009/10/16/a.aspx


Hans Enders | HP Presales Consultant | +1 919-279-5189 | hans.enders at hp.com 

     "Habeas data"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Clippy for Web App Sec.JPG
Type: image/jpeg
Size: 15302 bytes
Desc: Clippy for Web App Sec.JPG
Url : https://lists.owasp.org/pipermail/owasp-raleigh/attachments/20091113/d882e9e9/attachment.jpe 

More information about the Owasp-raleigh mailing list