the never-ending game

1. New bugs are found; exploits are published

2. Hordes of idiots cause damage using those exploits

3. Vendors are pressured to come out with fixes

4. Users install the fixes (sometimes? rarely?)

5. Go to step 1.

The big questions are:

1. How can we protect a large site? (The site is only as strong as its most poorly administered machine.)

2. How can we pro-actively protect against attacks that we have never seen before, to avoid Step 2 damage?

Previous slide

Next slide

Back to first slide

View graphic version