[Dshield] DShield vs. Symantec

Andy Cuff [talisker] offthecuff at lineone.net
Wed Jan 7 21:57:54 GMT 2004


Hi Pete,
I was looking in a similar space last year but for alert services which
advise on the latest threats be they increased activity, vulnerabilities or
mal code.  I detailed all the current Vulnerability Alert Services at
http://www.securitywizardry.com/alert.htm Some do provide information
similar to that of dShield and Deepsight such as X-Force, though I could
never get a trial of their offering.  E-Secure-IT was very interesting in
that they rely largely on Open Internet sources for their information but
they get it out very quickly with minimal research latency (+ they are
comparatively cheap).  Trusecure provided good information which was well
researched though when I trialled the product it was prior to Trusecure's
acquisition and only sent alerts during extended US business hours. (not
much use in the UK) After the acquisition Trusecure asked that I remove the
statement claiming it was inaccurate, I passed them the spreadsheet and
requested a fresh trial.  Sadly, they refused.

Bottom-line make sure you try the various offerings before paying the often
"high" prices charged. If you are suspicious like me, enter all the email
receipt times into a spreadsheet plotted over time to confirm 24x7 another
very useful feature is SMS for Red Alerts though you can set this up
yourself if needed.

hope this helps, sorry it's a bit of a ramble, but I'm too busy to clean it
up

take care
-andy
Talisker Security Tools Directory
http://www.securitywizardry.com
----- Original Message ----- 
From: "Pete Cap" <peteoutside at yahoo.com>
To: "General DShield Discussion List" <list at dshield.org>
Sent: Wednesday, January 07, 2004 3:52 PM
Subject: [Dshield] DShield vs. Symantec


> So, I've got this salesman from Symantec attempting to sell me (or,
rather, the organization for which I work) a subscription to their DeepSight
Threat Management System.
>
> For those of you who are not familar with DeepSight, basically Symantec's
analysts take data from about 20k contributors in 180 countries (IDS logs,
traffic data, etc.) and perform trend analysis (sound familiar?).  I suppose
this question is directed mostly towards Johannes...as far as being a data
source...how does dShield stack up against those numbers?
>
> Also...for anyone familiar with DeepSight, or using their services, how
useful have you found them to be?  Worth the money or not?  Do they provide
anything which you are unable to do yourself?
>
> Thanks,
>
> Pete
>
>
> ---------------------------------
> Do you Yahoo!?
> Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list