Thursday, April 30, 2009

Last RSA thoughts ...

The attendance was way down, but RSA has always been a vendor-to-vendor show to encourage open discussions on security. This year seemed to focus on all things cloud, and aligning security with business requirements. With that, here are a few loose ends from last week …

AVG, a nifty endpoint security player, reports that 60% of infected Web sites disappear in less than 24 hours. Cisco is doing a nice job of incorporating Ironport’s reputation heuristics into its security offerings, applying the technology to IPS devices to dramatically boost performance and filter short-lived transient attacks. It looks like this bold move by Cisco could work out for their customers.

I really liked what I heard from Citrix and TrendMicro, and even Microsoft (though it takes them an insane amount of time to ship any security product). Together with Cisco and IBM it is good to see the major infrastructure vendors with product roadmaps recognizing that coordination between host, network, and cloud is the way forward.

I have gone almost full circle on Web application firewalls. I was a huge advocate back in my Yankee Group days, but now I am less sure. WAFs all but died off because IT preferred to fix applications the right way – in the source code – rather than putting a band-aid in front of the app. WAFs are challenged penetrating deeply into the applications chain of Web servers, application servers, and data base servers to thwart SQL injection attacks. PCI threw a lifeline to the segment, but IBM will put a hurt in it with its free version. IBM can do that because scanning and fixing the source code is the Rational route.

Finally, a thanks to Greylock. I’ve been critical of VC’s not venturing new startups over the last two years. Their reception was the networking highlight of the week. There were quite a few friends I would’ve missed had it not been for Greylock’s generosity!

No comments:

Post a Comment