Thursday, June 28, 2007

reflecting on CSRF

As more light and heat is being generated by the release of (at least) 8 products being vulnerable to CSRF attacks, what surprised me more than the flaw existing practically everywhere was the (non-)response by supposed security vendors.

All software has bugs. It shouldn't be any big surprise to reveal that.

What keeps you ahead of the game is how you respond to bugs, including security holes, especially for security vendors.

Yet, besides Check Point, their reaction seems to have been to cover their ears and pretend it didn't happen. One vendor claimed to have filed "a formal complaint with CERT"; we'll get out more about that one later. :)

1 Comments:

Blogger custom essay service uk said...

Your post is totally on point. Just the way you defined about software's, same goes for life, we will face all kinds of people, good and bad, it all depends on us how we deal with every individual.

5:10 AM  

Post a Comment

<< Home