Nick's Blog

Personal opinions. Aggressively stated.

ADL Claim Of The Month – and some RSA rants

We had 51 briefings scheduled with vendors during RSA, and I would have made it too had not a family emergency kept me out of the show on Wednesday. Among the 37 that I did make were seven with anti data leakage vendors, not including the meeting with McAfee, which bought Onigma last year.

Of the non-McAfee vendors, the most common statement I heard last week:

We are the only solution to block all content, regardless of port or protocol

Now, that’s a howl, since all these network-based guys are completely blind to anything tunneled or, as Dave Aitel pointed out, a password-protected Zip file. But each of them said it. That’s a perfect example of the kind of statement which led The 451 Group to ban, from its earliest days, use of the word, “Only” (when describing a product feature), as well as the word, “Solution” (unless we’re talking about a math problem or dissolved stuff in liquids).

For what it’s worth, I’ve actually started to come around to the point of view that the only way to approach ADL is to do it with a hybrid agent- and network-based approach – agents on the machines that live and work in your network, and network based for guests, contractors and anyone else temporary who refuses an agent (or uses an OS for which no agent is available, like, heloooooooo, Linux and in many cases Mac), as a second if imperfect line of defense that at least squawks at you when someone sets up a tunnel. But I digress (and write run-on sentences) a whole lot.

The RSA show this year had a kind of energy that I haven’t seen in a while; certainly last year’s conference was like a morgue compared to this one. Thank goodness they’re not holding any more in San Jose, at least for the time being. Lots and lots of other bloggers have made their comments about the show and its booth babes, so there’s not awhole lot left to say. I thought it was funny that Alan Shimel at StillSecure thought it prudent to take on booth babes while slapping a photo of himself in a booth-babe sandwich in his post.

It’s an interesting issue, and I considered it my duty as someone in the business of talking about spin to walk by each booth where booth-babes had been deployed to carefully consider the arguments pro and con. Very carefully. Methodically even.

Certainly the most aggressive use of booth-babes was at the booth of Chosen Security – itself a terrible name, by the way – which employed strippers bursting out of their tightly-fitted cop uniforms, scooting around the Moscone center on Segways. Now, I personally have a thing for women with weapons (and having been in the studio at Noise New York for part of the recording of Girls With Guns by Bongos Bass And Bob, I can say that I’m certainly not alone.) But there were just dumb things, too – The Riddler. Rockem Sockem boxing. Morons running around in (again) cop uniforms to arrest people…As I said, this year’s RSA was a real hoot.

I threw on my tux and sloppily tie my bow-tie at the SC Magazine Awards ceremony. That was actually a hoot; I had been invited by Mark Zawacki at the Milestone Group, and spent the night chatting with folks from several interesting vendors, congratulating Tony Fascenda from KoolSpan and wondering in what universe could Watchfire win ‘Best Compliance Product’. And like seven other awards. The fix was in, if you ask me, but nowhere in the creamy-papered propaganda that was handed out to all of us was any description of the criteria on which the awards were given, so maybe it’s not a fix at all, it’s just the way the awards are handed out.

Leave a Reply