Friday, May 1, 2009

[Security] Security Metrics (securitymetrics.com) seem to be the bane of all that is PCI compliance.

Let me start this off by explaining that my opinions expressed in my blog are in no way, shape or form affiliated with my employer. I know it should go without saying, but in this ridiculous day and age of "PC" and "be-nice-dom" I feel that it's just safer to say up front that a) this has nothing to do with how I approach my clients, customers or my employer and b) I could care less if you like what I have to say. If I say something that makes someone a bit eerie over it, well, I can only say "Tough. This is my opinion."

That said, let's get into my rant!

Security Metrics has been the worst PCI compliance experience I have EVER had. Having had to deal with these guys for just over a year I have had to jump through hoop after hoop. It's amazing that "red flags" pop up on EVERY scan even if the previous scan was either successful or manually passed due to false positives. Now they are claiming that I'm blocking their scanner, when NOTHING has changed on the firewall config that would affect their ability to scan our system.

So for 2009, May 1... Security Metrics, you are the first company to qualify for my personal "Shitty Customer Service and Exploitation Award" for 2009. Let's hope someone doesn't overtake this nominee... They're horrible.

I've experienced much less pain in my life (like tearing all of the tendons in my shoulder playing football on the concrete... Or ruining my PCL in a bicycle accident at age 6-7... Or being shot in the chest at 15). At least when I experienced THOSE incidents of pain I knew I was being screwed over and by whom. These Security Metrics guys are ridiculous.

I'm going to be gone for a couple of days to go for a trip with my girl. I'll be sure to take some pictures and post them and a little message (pffft... little. Riiiight, right? :) ) when I get back.

Take care,
B