[jdwithit]

This reminds me of our own security team, who as far as I can tell do nothing but run POC's of new security tools. And then maybe once a year actually buy one, generating a ton of work (for others) to replace the very similar tool they bought last year. Seems like a good gig.

[Bluecobra]

And the sad/funny thing is that said tool would probably do diddly squat if one employee falls for a social engineering/phishing attack.

[oefrha]

Occasionally security products turn into malware delivery platforms as well, because they run very privileged, are sometimes more shoddily developed than what they’re protecting, and have fewer eyeballs on them than the vanilla operating system.

Not to mention they may be another Crypto AG.

[jacquesm]

> Occasionally

Much more frequently than that if you lump 'anti virus software' in with security products.

[Prickle]

As someone who's company just suffered this exact issue, all I can say is yes.

They gave me a laptop with 8gb of ram. The laptop runs invisible security software that nominally takes 6~6.8gb.

We just got penetrated by two attackers in the last 40 days.

[formerly_proven]

> We just got penetrated by two attackers in the last 40 days.

* that you know of