The threat actor(s) are free to attack any day any time. Infosec has to be on the ball 24/7 while having imperfect visibility and a ever changing attack surface both inside and outside.
And security vendors promise the moon and stars and then later it's all "you have to tune it" gee thanks for the hundreds of alerts I have to "tune" while still working with 30+ other tools that we've been trying to tune.
And security vendors promise the moon and stars and then later it's all "you have to tune it" gee thanks for the hundreds of alerts I have to "tune" while still working with 30+ other tools that we've been trying to tune.
Am I bitter? Yes.