RSA Conference 2006 musings
My week at the RSA Conference in San Jose was well spent. It is a good experience to spend time at a conference that is somewhat "out of your area", but still relevant and related. I got to hear "Mudge" speak this past week; he is the guy that wrote l0phtcrack. Interesting guy, very spastic, though. I also got to hear Robert Mueller, Director of the FBI, speak; he gave a good speech on how the FBI is adapting to cyber crime fighting. I attended a couple of interesting sessions on hacking; saw some neat tools and enough scary wireless hacking stuff to make me think twice about ever using wireless again. :-)
I spent quite a bit of time on the exhibits floor talking to vendors and figuring out what is "hot" and emerging. Here are some thoughts that I disseminated from sessions and exhibitors.
- Network access protection (systems that will quarantine a host that does not have the correct configuration, patches, service pack, antivirus software, etc...) are going to be hot over the next couple of years. Right now much of it seems to be 'vaporware' though.
- Wireless access detection and "prevention" were hot topics and some nice software/hardware solutions.
- Smartcards and other two factor authentication is hot.
- 'Intrusion detection' has gone a generation further. Now, more intelligent systems monitor network traffic and learn the patterns of each host. Alarms are raised when a host starts doing something unexpected (such as a server starts web surfing.)
- Compliance is hot. Software that helps organizations to learn "what they have" and to monitor compliance is a big.
- Enterprise Rights Management is gaining more mainstream recognization in the market. Microsoft, Adobe, and Liquid Machines all had ERM demonstrations going in their booths.
- E-mail / message hygiene vendors were plentiful. Lots of appliances for antispam/anti-virus/content inspection.