Stopping Stupid – Dulling the Edge of Hanlon’s Razor

May 12, 2009

There is a corollary to Murphy’s Law called Hanlon’s Razor that goes as follows:

“Never attribute to malice that which can be adequately explained by stupidity, but don’t rule out malice.”

In the world of IT security, much risk and ultimately damage is caused by stupid in the form of ignorance or selfishness or just plain zero brainwave activity.  Because nothing can render defenses useless faster than human stupidity. 

So how do you stop stupid?  It is not easy, because a quote by Friedrich Schiller says:

Against stupidity, the gods themselves contend in vain.” 

What is needed is something that is doggedly persistent and tireless in its defense against stupid.  Something that never throws up its hands in the face of relentlessly repetitive stupid.  Something that no matter how many times it must turn stupid away will do so with a singular purpose.   

Triumfant resolution Manager does a great job of security configuration management.  It will continuously enforce security policies and configurations, and when it sees non compliance it will automatically create a remediation to return the endpoint machine to compliance.  It will also detect machines that have been changed in such a way that is anomalous to other like machines in the endpoint population, and based on how anomalous the change is, either create a remediation or alert the administrator. 

In other words, Triumfant will stand tirelessly, continuously, and relentlessly against stupid.  Every time a user sets his or her machine to a configuration or state that would create a vulnerability, Triumfant will set it back.  If the user then changes the setting the next day, Triumfant will set it back.  If the user disables their antivirus agent, Triumfant restores it.  

No other tool that I know of is equipped to address the human element of security at the endpoint like Triumfant.  The ability to continuously scan a machine and build a remediation on the fly is completely unique in the market and is uniquely capable to mitigate the effects of stupid.  Given that there is no human intervention needed to remove the effects of stupid, your organization gets a solution that delivers with near zero human costs. 

A loosely attributed quote from Einstein summed up stupid as follows:

“Only two things are infinite, the universe and human stupidity, and I’m not sure about the universe.”

But combining Triumfant’s configuration management capabilities to Triumfant’s ability to detect, analyze, and remediate a malicious attack without signatures and without human intervention, and you have a really powerful tool to add to your security strategy.  It won’t completely mitigate stupid, but it will win one small skirmish in the war and dull the edge of Hanlon’s Razor.

4 Comments | Endpoint Security | Tagged: , , , , | Permalink
Posted by Jim Ivers

Triumfant Selected by Gartner as a “Cool Vendor 2009″

March 17, 2009

Triumfant received word that we were selected as a “Cool Vendor” for 2009 in the Cool Vendors in IT Operations and Virtualization, 2009 report (http://tinyurl.com/CoolVend). Given that being designated “cool” is, well, cool, we are excited. Of course, the study itself is copyrighted property of Gartner, so I invite you to view the study through your paid subscription to Gartner.

Triumfant has received a lot of attention about our security capabilities in the recent months, specifically our ability to detect and remediate zero day malware. But the ability to identify and fix operational issues before they become a trouble ticket is at the foundational core of the formation of the company. So it goes without saying that we are delighted to be designated “cool” in this particular area of application for our solution. In tough economic times, the ability to detect, analyze, and repair problems with no human intervention has real value in the area of IT Operations and Services Management. Reducing trouble tickets by 20% to 40% is something organizations can easily quantify in regards to real dollars saved.

Much of the things that make Triumfant useful and noteworthy in IT Operations are also applicable in security (specifically security configuration management) and we think that makes a product like ours a great value for our customers. There is clearly a convergence of operations and security which we see in varying degrees of maturity as we visit customers and prospects, but it is happening. So having a single solution like ours that addresses both ends of this coming convergence is, in a word, cool.

I guess what I am saying is that we think that our “cool” is not limited just to IT Operations. Of course, that is an unofficial extrapolation on my part. But one I think is easy to defend.

Leave a Comment » | Endpoint Security, Incident and Problem Management | Tagged: , , | Permalink
Posted by Jim Ivers