Is Network Security a Dead End Career?

很难相信我从来没想过我会坐ting here wondering about the state of security as a viable career path. I have built my career up as a security dude/hacker for years, but lately I have been noticing a few things. - Vendors are getting really good at detecting network anomalies and the interfaces are getting easier and easier to program. - Threat vectors have become so large that now we look at a multi-tiered attack surface instead of a laser-beamed attack point. - Some of the biggest threats are due to applications and bots. Here's the thing. I have be tasked to write a TechWiseTV episode on security and truthfully, the stuff I have is really about as exciting as watching a grad student take a calculus exam. There is really nothing "new" under the sun. Oh, sure - product updates, faster detection, less false positives, this header manipulation or that compliance support; yada friggen yada... I refuse to do old attacks like BGP, ARP Spoofing, WPA cracking, etc... I need new stuff!!! Kinda cool? Ummm... yeah... but I do not go out and by a new car every cycle to get a few nifty features. I suck it up and buy a car with a heated steering wheel when the one I currently have smokes out. My question is this:Have we finally done it and gotten to a point where security is handled via a SaaS provider?在我看来，安全设计如下： - 客户端保护（802.1x，trustsec，av，drive加密） - 设备保护（trustsec，sshv2，dai，snmpv3等） - 防火墙对（深度规则集，N + 1，线速或接近IT） - 服务器保护（TrustSec，Drive Encryption，AV） - VPN子系统（SSL，移动电话，3DES） - 奖金：日志相关设备（OSSIM http：//www.alienvault。COM或MARS）按HARD，底部副本是您的。（向John Codrea喊叫！）但这些设备上的两个大事是： - 设备多久更新一次，以支持最新的Piss-ant Bot，病毒，DDOS或应用程序奢华？- 我的员工如何管理这些设备生成的大量数据？或者我只是插入'um，配置它们，然后再次触摸它们？那是吗？我们是否已经进入了安全性模板的观点？当然，每个帐户都有一些变化，但大多数情况下;我们的安全人士正在争夺我们必须在另一个供应商照顾的小东西。除了更改浏览器规则（或多次浏览器的浏览器）之外，我可以在XS上做多少，或者我可以在另一个PDF漏洞中通过电子邮件发给Adobe的次数？对我来说，感觉就像我是一个安全的底部喂食器等待下次更新。 What fun is that? Once the gear is installed and tuned in, now what? Just turn it over to a SaaS provider and make sure the current threat level is addressed, I guess. When exploits get to the level of application exploitation, the hacker clearly has the advantage. They have an endless stream of applications, the element of surprise, endless worldwide resources and a complicated global legal system protecting them. They exploit and I wait for an update. I HAVE to have a team of full-time researchers 24x7x365 augmenting my staff to try and level the playing field. Point: SaaS security teams. The real security action today seems to be at the research or hobbyist level, where folks are hunting C&C for bots and taking them down. Seems like many resellers I talk to agree that security folks are just not something they are asking for. It's nice to know to design to but a dedicated career? No room at the inn. I tell folks all the time that a solid knowledge in security can really make you stand out from others when you design a VOIP, Data Center or foundational network. Am I wrong here? Is security still a good career path for folks interested? I do not believe so anymore and it hurts to say that. I believe it is like a augmentation skill like Unity in Mass Effect 2. There will always be security but more and more I see it having to be a more of a trusted third-party process that has those resources. So what to about this show? Well, looks like ScanSafe is a good bet. IPS, ASA, CSA are out. LISP seems cool maybe some botnet stuff. Yawn... Is this really all there is?? Jimmy Ray Purser Trivia File Transfer Protocol The length, curl and texture of a dog's fur are controlled by only three genes.