RSA Wrap-up: What's Hot

Submitted by Mike Rothman on Mon, 2006-02-20 08:45.
::
There were clearly pockets of strength in the security space demonstrated at RSA. Here's a quick list of the hotties at the show (and I'm not even focusing on the return of eye candy to RSA):
  • Identity Management - There was lots of activity at the show, validating the choice of IdM as the subject of the first battle plan (available at the end of the month). All of the big guys (Microsoft, IBM, Sun, HP, et al) where there in force and lots of other network-security oriented vendors were talking about the linkages between IdM and network access control (NAC) in an effort to differentiate. My checks with resellers and users indicated the IdM strength is not vendor push. It's happening. Another data point was the overflowing sessions on IdM during the conference - I'm talking standing room only. IdM is hot.

  • Network Access Control - A bit further off is NAC, but there was tons of activity in this space as well. The big (Cisco, Microsoft, Symantec, McAfee) and the little (ConSentry, ForeScout, Lockdown, Mirage, StillSecure, Vernier) were well represented and NAC will be the next big thing. The clear challenge for the start-ups will be to focus on clear differentiation to remain relevant. I can't recall a hot market space where the big players are delivering products, mostly home-grown, in the same timeframe as the start-up. Big is clearly the new small.

  • Encryption - Scarily enough, this may actually be the year that encryption happens. Sure, there is still confusion as to what you really can do, and it's not nearly transparent enough. But the rising tide is lifting all the boats (PGP, PostX and Voltage notably) and it seems that a decent portion of that compliance budget is being allocated to rolling out crypto.

  • OATH - The stand set up to demonstrate the Open Standard for Authentication seemed to be packed the entire show. There were something like 10 vendors in there demonstrating their OATH compatible solutions, and this standard is taking root. Given the momentum for IdM and NAC, the need for continued focus on the authentication part of the equation is clear.

  • "Leak Prevention" - It's not clear what this category is called quite yet, but it's basically about making sure that private data and intellectual property stays where it belongs. There was a lot of activity in this space.

  • Web/Application/Database Security - There is a lot of interest in boxes (and software too, I guess) that protects applications and databases from targeted attacks. This market is poised to be big in 2007, so figure next year's RSA show will have this as a prominent theme.

Clearly this is an unscientific analysis of what was going on, but by roaming around the show floor a bit and talking to lots of people you get a pretty good feel for what is going on.