SecurityMetrics.org posted an interesting story called Hamster Wheels of Pain. It's a follow-up to an earlier article. I think the present story is cool because Andrew collected and posted the security process "wheels" of 11 security vendors.
I recognize Foundstone's in there, shown as a thumbnail at left.
I think Andrew is a little too cynical regarding some of these process charts. Some are used to sell products, and often reflect vendor biases. Others are just ways to break the security problem down into manageable chunks.
classes to emphasize the traffic-centric approach I take to network security operations.
Does this make me bad? I doubt it.