| 1 |
On Fri, Aug 26, 2011 at 2:57 PM, Alex Legler <a3li@g.o> wrote: |
| 2 |
|
| 3 |
> On Friday 26 August 2011 14:18:20 Daniel A. Avelino wrote: |
| 4 |
> > Alex. |
| 5 |
> > |
| 6 |
> > May be a call for volunteers more "intense" could improve the manpower. |
| 7 |
> This |
| 8 |
> > could be a more |
| 9 |
> > easy start point to address, no?. |
| 10 |
> |
| 11 |
> Well, the staffing needs page IS the point for making such calls. It's not |
| 12 |
> that we haven't had people contacting us about helping, it's that they |
| 13 |
> usually |
| 14 |
> disappear shortly after that again after they've seen the tasks at hand. |
| 15 |
> |
| 16 |
> I know how it works! |
| 17 |
|
| 18 |
|
| 19 |
> > I work too in some [smaller] security processes and can figure out what |
| 20 |
> kind |
| 21 |
> > of work are you talking about. |
| 22 |
> > |
| 23 |
> > As Kauhaus pointed, may be somethings should be automated but again, this |
| 24 |
> is |
| 25 |
> > a hard job to |
| 26 |
> > implement and to keep results trustable. |
| 27 |
> > |
| 28 |
> |
| 29 |
> Automation is a key thing I've been introducing in the new tools and |
| 30 |
> processes |
| 31 |
> for sending advisories. |
| 32 |
> I'd rather not focus on a temporary automated system however, knowing that |
| 33 |
> we're about to get back to the/near the status quo. |
| 34 |
> |
| 35 |
> When I think about automation, I had in mind something that could help |
| 36 |
developers to find |
| 37 |
vulnerabilities in a more fast way [searching and confronting CVE, for |
| 38 |
example] and start a |
| 39 |
"call for solution" process. I work with solutions of this type for WEB |
| 40 |
vulnerabilities discover |
| 41 |
and some tools are very interesting to reduce the correction time. |
| 42 |
|
| 43 |
By the way, I will start to read about what a Padawan should know instead of |
| 44 |
|
| 45 |
make speculations prematurelly. :D |
| 46 |
|
| 47 |
Thank you very much for the explanations. |
| 48 |
|
| 49 |
Daniel A. Avelino |
Archives