[unisog] Security Verbage for Bids or Request for Purchase

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Thu Apr 14 20:09:57 GMT 2005


On Thu, 14 Apr 2005 14:08:15 CDT, Keith Schoenefeld said:

> I would guess that you would have more people balk if it said something 
> like:
> 
> "By accepting this purchase order, you are verifying that any offer your 
> company makes to VA Tech will not contain any hardware and/or software 
> that is vulnerable to one or more of the 'SANS/FBI Top 20 Internet 
> Threats', a listing of which is available at 
> http://www.sans.org/top20.html for your review"

Whoops. ;)  What you wrote is certainly what we *intended* to say, and I have
no idea how we collectively bobbled it for over 3 years and nobody noticed.

(For the record, I wasn't in the set of people who officially made the decision
on the text to use, but I did weigh in with a "looks good" on it....)


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20050414/160d84e2/attachment.bin


More information about the unisog mailing list