Sunday, May 19, 2013

Security Benchmarks & Comparisons – Plans for 2013

It's kind of hard to admit that your current strategy leads to a dead end… Hard, but liberating.

I initially started this blog because I was searching for a way to sort through an insane amount of tools I collected over the years - so we can all weed out the irrelevant and stick with what works.

Obviously, things got a little complicated, and after doing double shifts and spending half my nights over the past 4 years on comparisons, I realize now that I only covered 60-70 tools.

Sure, I had a good reason to do so - learning curve, comprehensiveness, accuracy, credibility, evolution… but the numbers don't lie.
As much as I like the idea of a one man army, the current rate is NOT what I expected, and to achieve something greater, I'll need to get some resources and some help (yeah yeah, mental too).

Nope, that DOES NOT mean that I'm about to stop any of my planned activities, researches or benchmarks. Giving up is for wusses.

It does mean, however, that I'm going to make some changes that will enable me to cover more, even if I have to make some decisions I was dreading and trying to postpone.

So what I'm planning for 2013 is to branch out and cover additional types of tools & products, in addition to vulnerability scanners.

That means updating WAVSEP with some hybrid issues, becoming less of a control freak, let go the leash I was so inclined on keeping, and probably even creating additional comparison platforms.
Yep… b   a   c   k      t   o      w   o   r   k.