Rich Freeman via plug on 17 Dec 2020 08:40:45 -0800
Re: [PLUG] OT: SolarWinds
On Thu, Dec 17, 2020 at 9:24 AM Rich Kulawiec via plug <plug@lists.phillylinux.org> wrote:
>
> However, based on what we do know as of this moment: anybody still running
> SolarWinds should rip it out by the roots right now and activate their
> procedures for archiving/scrubbing/rebuilding compromised systems.

While I get your argument, keep in mind the likely consequence of everybody doing this would be that in the future vendors will cover up any security issues and not inform their customers of compromises like this.

Ultimately what matters is what a vendor does in the future, not what they've done in the past. The past is of course a good predictor of the future, but it isn't actually the thing you care about.

I think one element of due diligence has to be looking at how a vendor actually handles security incidents when they do occur, and you can't evaluate that if you only select vendors who have "never" had a company-threatening incident. Maybe that is because they're just that good. Or maybe it is because they're just that good at hiding the truth from you.

Be careful that you don't evaluate your vendors primarily on how good they are at lying to you...

--
Rich
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug