[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bloomberg on supermicro: sky is falling

Subject: bloomberg on supermicro: sky is falling
From: bill at herrin.us (William Herrin)
Date: Wed, 10 Oct 2018 12:35:56 -0400
In-reply-to: <9578293AE169674F9A048B2BC9A081B40301AC6518@MUNPRDMBXA1.medline.com>
References: <[email protected]> <9578293AE169674F9A048B2BC9A081B403008240F1@WAUPRDMBXP1.medline.com> <1538992139.612460.1534330216.0146D0DE@webmail.messagingengine.com> <CAAeewD-EyvRLBVT-VhpuUvpMyH+NiuH4HJD_rZDCnhkL2Onp-g@mail.gmail.com> <9578293AE169674F9A048B2BC9A081B40301AC5013@MUNPRDMBXA1.medline.com> <CAP-guGV8AMQ3PNqCxD0PNm1R9UUwao8gT_-JG0NThJsLE2JhJA@mail.gmail.com> <9578293AE169674F9A048B2BC9A081B40301AC6518@MUNPRDMBXA1.medline.com>

On Wed, Oct 10, 2018 at 11:25 AM Naslund, Steve <SNaslund at medline.com> wrote:
> You are free to disagree all you want with the default deny-all
> policy but it is a DoD 5200.28-STD requirement and NSA
> Orange Book TCSEC requirement.

And yet I got my DoD system ATOed my way earlier this year by
demonstrating to the security controls assessment team that the cost
of default-deny-all exceeded the risk cost of default-allow with IDS
alerts on unexpected traffic.

Because not spending more on a security implementation than the amount
by which it reduces the risk cost, is a CORE SECURITY PRINCIPLE while
default-deny-all is merely a standard policy.

Regards,
Bill Herrin

-- 
William Herrin ................ herrin at dirtside.com  bill at herrin.us
Dirtside Systems ......... Web: <http://www.dirtside.com/>

Follow-Ups:
- bloomberg on supermicro: sky is falling
  - From: SNaslund at medline.com (Naslund, Steve)

References:
- bloomberg on supermicro: sky is falling
  - From: surfer at mauigateway.com (Scott Weeks)
- bloomberg on supermicro: sky is falling
  - From: SNaslund at medline.com (Naslund, Steve)
- bloomberg on supermicro: sky is falling
  - From: alfie at fdx.services (Alfie Pates)
- bloomberg on supermicro: sky is falling
  - From: saku at ytti.fi (Saku Ytti)
- bloomberg on supermicro: sky is falling
  - From: SNaslund at medline.com (Naslund, Steve)
- bloomberg on supermicro: sky is falling
  - From: bill at herrin.us (William Herrin)
- bloomberg on supermicro: sky is falling
  - From: SNaslund at medline.com (Naslund, Steve)

Prev by Date: bloomberg on supermicro: sky is falling
Next by Date: bloomberg on supermicro: sky is falling
Previous by thread: bloomberg on supermicro: sky is falling
Next by thread: bloomberg on supermicro: sky is falling
Index(es):
- Date
- Thread