Maybe an idea?


bytewriter
11-27-2008, 01:43 AM
I am just new. I love the show, by the way ;)

But I just want to maybe bring an idea to you guys and see what you wanna do with it.
As my job I secure networks, but I see many times that people do not invest cash or effort to secure their networks, if ya know what I mean. I find this pretty irritating, especially when they didn't do the simple MySQL injection protection or the simple 1=1, etcetera.

I would love to see if ya could maybe make a project to get people aware of the threats that come with this ignorance of people ;)

Just an idea.

Regards

PS: keep up the great shows, I'm loving it :)
And I see you guys enjoy it as well :)

doxid
11-27-2008, 12:43 PM
Besides all that non-existent punctuation :P You should try getting Firefox with a spell check :/ I'm not good at spelling myself and it helps ^^

Anyways, SQL injection isn't really a way of "securing networks", or is it just me that is too used to the router/switch configuration kinda thing?
And I think they did a segment on it a long while ago?

bytewriter
11-28-2008, 09:54 AM
MySQL injection is not a way to secure it, it's a way to break the security ;)
I didn't see any segments yet on how to really secure yourself or, let's say, do a company test or something of that nature.

hak5matt
11-29-2008, 08:05 PM
This is what security analysts and professionals are for.

If your company cannot afford someone like this, or is too blind to see the need for one, the best thing to do is do the research yourself.

Create a proposal with all of your vulnerability assessments and present it in a professional manner to someone who's willing to listen.

Including statements like 'total loss', 'business critical', etc. tends to raise people's eyebrows on things they might not understand 100%. But that being said, it really is your job to try and educate a decision maker into realizing that in the event something did happen with a malicious hacker or someone out to just wreak havoc internally in the company, they would be completely defenseless, and the cost to get back to where they were is probably a whole lot more than it would have been to invest in some security in the first place.

Education is key in this industry, and unfortunately decision makers today don't have the latest information on what the dangers of insecurity are.

So like I said, get some info together, perhaps throw together a test on a dev machine and show them how easy it might be to do something 'bad' and see what their response is. If they come back at you and say no, the best you can hope for is overtime pay when you're trying to fix something they wouldn't spend money to prevent.

Hope that helps,
Matt

bytewriter
11-29-2008, 11:34 PM
True, Matt, you're right there.
Ty for the reply.