In God We Trust, but Security Vendors Need to Sign the Papers

If Anonymous, LulzSec et al. can pwn security vendors, who can protect us? Here’s help on how to rate security vendors on the sitting-duck scale.

In this two-part look at how to vet security vendors, my first article—In God We Trust, but Security Vendors Need to Sign the Papers—focuses on assessing a vendor. This is done at arm’s length by simple online research as well as by holding security vendors accountable for not living up to various agreed-upon levels of service, similar to what’s being done increasingly by the industries Veracode notes.

The second article, In God We Trust, but It’s Nice to Do a Physical Walk-Through on Security Vendors, features input from Infosec professionals on what to watch for if you can conduct an on-site visit to a security vendor.

Tags:

Comments are closed.