Presentation is loading. Please wait.

Presentation is loading. Please wait.

Certify Security? Al Potter Premier Services Labs Manager ICSA Labs PGP Key ID: 0x58C95451.

Similar presentations


Presentation on theme: "Certify Security? Al Potter Premier Services Labs Manager ICSA Labs PGP Key ID: 0x58C95451."— Presentation transcript:

1 Certify Security? Al Potter Premier Services Labs Manager ICSA Labs PGP Key ID: 0x58C95451

2 Why 3d Party Security Assurance? What –IS- Certification? What’s Missing? The Premier Services Approach

3 ShmooCon 2005 Why 3d Party Assurance? Vendor:“Trust me, it’s secure.” Customer:“OK!”(Doh!) or“Yeah, Right….” or“Secure? Whassat?” Reagan:“Trust, but Verify….”

4 ShmooCon 2005 (Generic) Certification A performance standard is set. Test Methods are established. Product is evaluated, producing evidence. Evidence is presented; a decision is made as to whether the evidence supports the conclusion that the product meets the standard. If it does, Somebody issues a Certificate.

5 ShmooCon 2005 Certification, Cont’d This is “Evidence Based” Security Assessment…..

6 ShmooCon 2005 What’s Missing? “Certification” is (supposed to be) Objective, Black and White. This doesn’t fit a lot of today’s security problems: –Spam –Spyware –Anything where vendor reaction time is an issue. The “Snapshot” Problem

7 ShmooCon 2005 Premier Services Certify what we can Evaluate the rest Compare where possible In the end, you have more assurance than before……


Download ppt "Certify Security? Al Potter Premier Services Labs Manager ICSA Labs PGP Key ID: 0x58C95451."

Similar presentations


Ads by Google