Dailydave mailing list archives
I watch the 2016 RSAC Keynotes so you don't have to
From: dave aitel <dave () immunityinc com>
Date: Wed, 16 Mar 2016 17:05:12 -0400
http://www.rsaconference.com/videos?tags=Keynote I like to watch all the keynotes after RSA and see what kinds of themes there are. Partially because keynotes are 100K at RSAC and that means that probably someone put time and effort into making them worth listening to? They are like the SuperBowl ads of our field. Also sometimes our friends are on stage, which is exciting. Most years, there are one or two that are hilariously bad. Also, because it is a prestigious thing to do, you often have speakers who are executives at big security companies, but who are not necessarily polished pro-level public speakers. What we're looking for in these talks is Vision, with a capital V. In 2016, as usual, most of every keynote fell into the category of "wishful thinking". Every big company wants the industry to give them all of the threat data, and then let them do the "innovation" on the analysis side. That's never going to happen! But yet you hear it again and again, year after year. Cisco <http://www.rsaconference.com/videos/ascending-the-path-to-better-security>and HP and RSA and Intel <http://www.rsaconference.com/videos/louder-than-words> and everyone else say this year "What if everyone just used our platform for your point products?" which sounds great but the only real way people have been able to make themselves a platform for point products is to do M&A. Collectively all the big companies have realized that the management costs of all their products are prohibitive for every customer, and no customer is going to buy just one product stack. HP did have some interesting hidden announcements about how they can find DNS beacons going outbound out of all of their huge data set. They said they find 50 new ones a day. I don't think they've tested against INNUENDO <http://immunityinc.com/products/innuendo/> yet though. Everyone SAYS they are doing lots of great analysis, but how do you know you are detecting APT unless you can test against APT? It is also amazing to see DIRNSA declare privacy of our citizens part of the essential equation <http://www.rsaconference.com/videos/remarks-by-admiral-michael-s-rogers>. He also stuck to the government talking point about how industry is amazing and can find a magical compromise. And of course, he, along with everyone else, has caught on to the idea that data theft can quickly turn into data manipulation. It's also interesting to hear the president of RSA talk about how badly the Government messed up with Wassenaar, and to hear that nobody who helped write the VMWare talk bothered to tell the CEO of VMWare that Wireshark is free software. To be fair, VMWare won "Worst of Show" this year <http://www.rsaconference.com/videos/not-lost-in-translation-building-an-architecture-to-reshape-cybersecurity>. They demoed some moderately interesting capabilities (software defined networking as part of your VMWare stack!) but everything about the talk was grating and terrible or an obvious half-truth. The CEO of VMWare has no idea that Wireshark is free software, and neither did anyone who helped write their talk. They paid one hundred thousand dollars to demonstrate on stage in front of three thousand customers how much vision they are lacking...and it is showing in their corporate performance as the get eaten alive by the rest of the virtualization market. Also, we have to stop bringing kids on stage to talk about how the "Youth are our future". It's so boring. -dave Previous years: https://lists.immunityinc.com/pipermail/dailydave/2014-April/000661.html https://lists.immunityinc.com/pipermail/dailydave/2014-April/000642.html
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- I watch the 2016 RSAC Keynotes so you don't have to dave aitel (Mar 16)
- Re: I watch the 2016 RSAC Keynotes so you don't have to Andreas Lindh (Mar 21)