Home page logo

dailydave logo Dailydave mailing list archives

TechTarget Information Security Decisions Conference
From: Dave Aitel <dave () immunityinc com>
Date: Thu, 06 Nov 2008 09:09:41 -0500

Hash: SHA1

I'm here in Chicago at the TechTarget Information Security Decisions
conference [1]. It seems like every second person in Chicago worked
for the Obama campaign, although my cabbie on the way to the airport
was convinced Obama was a Muslim and "The Antichrist".

One interesting thing they did was have 5 ten minute sessions for new
technology companies in information security. Probably my favorite was
NetWitness. Like every new company, NetWitness focuses on data
correlation almost as much as they focus on data collection, if not
more. One of the more striking things about it was the speaker they
sent up - very non-marketing. He sounded like he'd written some of the
code behind it.

His talk was simple: Here's what you do today, and it just doesn't
work against 0day. Here's some graphs we have that help you analyze
0day attacks on your network, which we generate by collecting every
packet you send. That way you can do your own anomaly detection
instead of relying on some sort of algorithm to give you fuzzy results.

*I* don't believe any sort of sniffer is the answer, but he was still
the best-in-show in my opinion. In any case, I'll be talking on the
panel today at 1:55pm if you want to come by and grade MY performance. :>

[1] http://infosecurityconference.techtarget.com/conference/index.html

- -dave
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


Dailydave mailing list
Dailydave () lists immunitysec com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]