[Dailydave] I watch the 2016 RSAC Keynotes so you don't have to

dave aitel dave at immunityinc.com
Wed Mar 16 17:05:12 EDT 2016


http://www.rsaconference.com/videos?tags=Keynote

I like to watch all the keynotes after RSA and see what kinds of themes
there are. Partially because keynotes are 100K at RSAC and that means
that probably someone put time and effort into making them worth
listening to? They are like the SuperBowl ads of our field. Also
sometimes our friends are on stage, which is exciting.

Most years, there are one or two that are hilariously bad. Also, because
it is a prestigious thing to do, you often have speakers who are
executives at big security companies, but who are not necessarily
polished pro-level public speakers. What we're looking for in these
talks is Vision, with a capital V.

In 2016, as usual, most of every keynote fell into the category of
"wishful thinking". Every big company wants the industry to give them
all of the threat data, and then let them do the "innovation" on the
analysis side.

That's never going to happen! But yet you hear it again and again, year
after year. Cisco
<http://www.rsaconference.com/videos/ascending-the-path-to-better-security> and
HP and RSA and Intel
<http://www.rsaconference.com/videos/louder-than-words> and everyone
else say this year "What if everyone just used our platform for your
point products?" which sounds great but the only real way people have
been able to make themselves a platform for point products is to do M&A.
Collectively all the big companies have realized that the management
costs of all their products are prohibitive for every customer, and no
customer is going to buy just one product stack.

HP did have some interesting hidden announcements about how they can
find DNS beacons going outbound out of all of their huge data set. They
said they find 50 new ones a day. I don't think they've tested against
INNUENDO <http://immunityinc.com/products/innuendo/> yet though.
Everyone SAYS they are doing lots of great analysis, but how do you know
you are detecting APT unless you can test against APT?

It is also amazing to see DIRNSA declare privacy of our citizens part of
the essential equation
<http://www.rsaconference.com/videos/remarks-by-admiral-michael-s-rogers>.
He also stuck to the government talking point about how industry is
amazing and can find a magical compromise. And of course, he, along with
everyone else, has caught on to the idea that data theft can quickly
turn into data manipulation.

It's also interesting to hear the president of RSA talk about how badly
the Government messed up with Wassenaar, and to hear that nobody who
helped write the VMWare talk bothered to tell the CEO of VMWare that
Wireshark is free software.

To be fair, VMWare won "Worst of Show" this year
<http://www.rsaconference.com/videos/not-lost-in-translation-building-an-architecture-to-reshape-cybersecurity>.
They demoed some moderately interesting capabilities (software defined
networking as part of your VMWare stack!) but everything about the talk
was grating and terrible or an obvious half-truth. The CEO of VMWare has
no idea that Wireshark is free software, and neither did anyone who
helped write their talk. They paid one hundred thousand dollars to
demonstrate on stage in front of three thousand customers how much
vision they are lacking...and it is showing in their corporate
performance as they get eaten alive by the rest of the virtualization market.
 
Also, we have to stop bringing kids on stage to talk about how the
"Youth are our future". It's so boring. 

-dave

Previous years:
https://lists.immunityinc.com/pipermail/dailydave/2014-April/000661.html
https://lists.immunityinc.com/pipermail/dailydave/2014-April/000642.html