[Dshield] Guidance Software hacked?
cbrenton at chrisbrenton.org
Fri Dec 23 15:14:06 GMT 2005
On Fri, 2005-12-23 at 07:45 -0600, Frank Knobbe wrote:
> You do know that EnCase is a forensics image acquisition and analysis
> software, right? Do you expect them to image their servers on a daily
> basis and look for intrusions?
Direct from their marketing slick: "integrate with select IDS systems to
complete the automated incident response equation. This integration
offers an unprecedented level of ___real-time information___"
So they are either pushing this as a feature and not actually using it
themselves, or there is a problem with the integration that caused the
incident to go unnoticed for a three week period or time. Would be cool
to know which it is.
More information about the list