February 7, 2007 - Volume 2, #23 (RSA Day 2)

Good Morning:
Off and running here at RSA. I published a bunch of stuff yesterday on all the keynotes, so check out the blog (here) to read what I thought of the Microsoft, RSA and Symantec keynotes. Suffice it to say, they keynotes were different with no demos, very little product focus. Just a lot of wind relative to where things are going, according to these guys anyway.

RSA as a conference also feels different than last year. There seem to be more customers (users) here and my short tour of the show floor yesterday showed a number of booths that were pretty packed (without the stunt of having a 6'5" swimsuit model - though I figure that will keep a booth well stocked as well). So it's good. I never correlate people with buying since perhaps they are in tire kicking mode, but that's a lot better than not having anyone at the show and it being a big business development humpa humpa.

I also was pretty festive last night, so thanks to all that hosted parties or hoisted drinks. It's always great to see some many familiar faces, as well as so many folks that have read The Pragmatic CSO, and actually have nice things to say about it. Again, if you are at RSA, you can pick it up at the bookstore or as always order it here.

What's the deal with the pushback on booth babes? Alan, Mitchell, Amrit - grow up fellas. Do you think we objectify Cindy Crawford or Giselle Bundchen? These "booth babes" are grown up and beautiful. How they decide to make their living is their problem. Now whether it helps a company sell a security product is a different story, but don't feed me a line of crap about it being unfair to women. Those girls probably made more money yesterday than any of us. Good for them.

Have a great day. My UTM Smackdown panel is at 10:40 AM. I promise a good show, so come see the fireworks. I'm also doing the P2P session on Successfully Selling Security Strategy in the afternoon, check that out too. You can check out my full speaking calendar for the show (here).

Technorati: Information Security, CSO

The Pragmatic CSO is Here! Read the Intro and Get "5 Tips to be a Better CSO" www.pragmaticcso.com

Top Security News

Vista's exploitable - NSS
So what? - NSS is my new favorite term. That and jackass. When I think about the fact that Core Security has figured out a way to exploit Vista (here), I'm both words terms come to mind. It was just a matter of time and the Core release hits the nail on the head. The business system is comprised of many different functions, the OS is only a small part of it. As long as there is application software, there will be exposures. That's just the nature of the beast.
Link to this

Can you believe it - more NAC
So what? - As predicted, still a lot of activity around NAC on day 2. StillSecure talks about "Complete NAC," (here) which adds some post-connect checking to the pre-admission control. For good measure, they also throw some interoperability mojo and identity integration in there. The third leg of the stool is worm mitigation, and it's surprising that StillSecure didn't throw that into the marketing umbrella as well. Identity Engines also announced a pretty interesting positioning for their NAC stuff, addressing the guest access issue (here). Not sure there is anything really different there, but it's interesting to see someone actually talk about a specific customer problem, as opposed to NAC for NAC's sake.
Link to this

IPS on MARS
So what? - Cisco announces some upgrades to the IPS line and more activity around feeding stuff into their MARS analysis platform (here). Whoop de do, but I'm still a bit surprised that Cisco gave up their keynote slots this year. Given the conceptual bent of yesterday's sessions, that is a place where John Chambers would really shine. But alas, I guess Cisco really doesn't care. They are going to sell boxes whether they give a keynote or not. That must be nice. Reflex Security announces a refiger-oven here, which seems to do IPS, identity enabled NAC, and SIEM. If you are hungry, it will also toast up a waffle for you, and bring you a fresh, icy cold brew during the 2nd half. Kidding aside, we are going to see lots of other products continue to integrate functionality at all levels of the security stack. Not sure it fulfills Art's contention about no more stand-alone security companies, but it certainly will help ease the management burden.
Link to this

The Laundry List

Tumbleweed gets into the desk to desk encryption game - here
Secure Elements has a compliance "platform" (since you can just buy it at CompUSA) - here
Tripwire is still around? I guess so, with new configuration audit capabilities - here
AppSec bundles their stuff - here
McAfee becomes a leak prevention Onigma - here
CyberTrust mentors college students (I heard they have a nurturing environment over there) - here

Recently on the Security Incite Rants Blog

Read the most recent Daily Incite
http://securityincite.com/security-incite-rants/daily-incite