![]() The solution should also do a better job of informing a person of what happened. It would be nice to able to take the report and determine what must be focused on most critically, as opposed to merely being given a tremendous amount of information. I can't print or email a report to somebody in a different environment or to any of my clients for the purpose of advising how they must proceed. While I can go into it and run the scan for the all the information, I must enter each thing individually to see what I need. ![]() ![]() The risk management tool does not have reporting, which I feel to be a huge mistake. I am not looking for what was stopped but for what wasn't, so that I can make an informed decision. It would not be sufficient for me to be informed, say. This information is valuable to a security person such as myself, since it allows me to see what is transpiring and to craft an appropriate response. I can use the telemetry and see what is going on, the steps being taken by a bad actor. I don't teach and protect, but detect and respond. Any security solution can be circumvented. But, as someone in the security world, I know this is not accurate. They simply want something to stop an attack, to prevent them from being hacked. This is what most people are interested in. It is not sufficient to simply do installation and rely on the telemetry. Telemetry is just information that comes from the solution, which means that there is much of it that comes up. The telemetry is key but, when it comes to this, one must know what he is looking for.
0 Comments
Leave a Reply. |