Friday, March 9, 2012

Post BSidesSF and RSA Post

It was a great week for Security BSides.  I post semi-regular updates to the BSides Google group if you want the ongoing story, but a couple of high points:

I met with Mike Dahn and Gene Kim for a few Board meetings, we reviewed accounting, roles, 501(c)(3) filing status (which is ‘waiting for CPA to complete the audits”), how best to support BSides event organizers, and more.

We had a great conversation with folks from RSA and the RSA Conference.  We all want to minimize needless tension, and RSA was gracious.  The event organizers for BSides San Francisco will continue the conversation with RSA in the coming months.

I had some good conversations with folks from Black Hat.  This will be tricky, we have a direct overlap on dates, and a greater overlap on speakers, sponsors, and attendees than we do with RSA.  But, we’ve started talking.

And finally, planning for BSides Las Vegas 2012 moved forward through several good conversations during the week.

The RSA Conference was the RSA Conference.  It is where a lot of business of InfoSec gets done.  I thought it was better than the past few years as far as talk content.  As has been observed by many, it is not generally the place for cutting edge research, and the expo is all about selling security products.  It can be disillusioning to see the crass commercial side of our business.  The split between those who say RSA is great, and those who leave scarred and scared seems to be whether you have productive meetings during the week (and I had a lot of those this year).

Our Burnout panel went well, we filled the room on Monday afternoon.  Members of the team will be presenting at other venues including AIDE and possibly Infosec UK.  I’ll post more about the career research, as well as the burnout project, as those efforts evolve.

Amazingly my P2P session on “What Works in Log Analysis” was packed, too.  Of course, we had more questions than answers, but people have realized how much data we are missing in our own logs, and want to ease the pain of finding the goods.

All the usual vendor hype and FUD was out in full force on the Expo floor and beyond.  “Big Data” was the buzz phrase of the year, and it seemed at least as poorly defined as APT, Cyber, Cloud, and other past buzzes (even though most have real definitions to those who actually know what they are talking about).  Some glaring examples:

Ferraris and firewalls? I get the speed reference, but really…

Special dishonorable mention goes to Bit9 with the little girl in their poster- ugly scare tactics are ugly.

Good vendors blighting themselves is a recurring theme, whether it is execs telling untruths and trashing the competition, or folks showing ignorance in talks, or just general boorish behavior- there was plenty to see.  Let’s not even discuss what the bad vendors do.

Special dishonorable mention in this category goes to NetOptics, a good company with great products. I have nothing against fast cars, attractive women, or network tools- in the proper context. All three in one obnoxiously loud booth is not the proper context for any of them, especially when I just want to see the latest in traffic capture tools.  Sadly, NetOptics seems to think this is the way to present themselves at RSA, they were a bit obnoxious last year too.  There were certainly worse vendors there, but it really annoys me when good companies do bad things.  The usual fear and hype mongers are somehow easier to ignore than people tarnishing their own otherwise good image.

And yes, we are still dealing with the “booth babe” phenomenon, and NetOptics was far from the only vendor guilty of this.  I have an answer to this, but it will have to wait for Las Vegas.  It involves fishnets, short shorts, and probably eye bleach.  You’ve been warned.

Finally, thank you very much to my fellow members of the Security Bloggers Network for voting this the most entertaining security blog of the year.  It may just guilt me into writing more.  But don’t hold your breath.  (I do have a backlog of posts to write for my drunken con, er, travel blog).