Overview
Explore the shortcomings of commercial "security scanners" in this 59-minute Black Hat USA 1999 conference talk by Greg Hoglund. Delve into the limitations and potential dangers of relying on these tools for network security. Examine how scanners can encourage bad security policies and fail to enforce effective ones. Analyze the market-driven focus on coverage that leads to inaccurate tests based on flawed assumptions. Discover why scanning and repairing your network with these tools may not actually improve your security posture. Gain insights into the false positives, blatant oversights, and other failings of security scanner applications that challenge their effectiveness in achieving true "security nirvana."
Syllabus
Black Hat USA 1999 - 1000 Hackers in a Box: Failings of "Security Scanners"
Taught by
Black Hat