Home page logo

dailydave logo Dailydave mailing list archives

Re: TechTarget Information Security Decisions Conference
From: "J Wilder" <sigmaapex () gmail com>
Date: Thu, 6 Nov 2008 10:06:25 -0500

Yet not entirely new...

ManTech International Corporation (Nasdaq:MANT), a leading provider of
innovative technologies and solutions focused on mission-critical national
security programs for the Department of Defense, Intelligence Community, the
Department of State, the Department of Justice, Department of Homeland
Security and other federal government customers announced today the
introduction of NetWitness version 5.0, an enhanced version of the popular
network wiretap tool that offers improved analytics features and increased
capabilities to monitor Voice over Internet Protocol (VoIP) traffic.

-----Original Message-----
From: dailydave-bounces () lists immunitysec com
[mailto:dailydave-bounces () lists immunitysec com] On Behalf Of Dave Aitel
Sent: Thursday, November 06, 2008 09:10
To: dailydave () lists immunityinc com
Subject: [Dailydave] TechTarget Information Security Decisions Conference

Hash: SHA1

I'm here in Chicago at the TechTarget Information Security Decisions
conference [1]. It seems like every second person in Chicago worked
for the Obama campaign, although my cabbie on the way to the airport
was convinced Obama was a Muslim and "The Antichrist".

One interesting thing they did was have 5 ten minute sessions for new
technology companies in information security. Probably my favorite was
NetWitness. Like every new company, NetWitness focuses on data
correlation almost as much as they focus on data collection, if not
more. One of the more striking things about it was the speaker they
sent up - very non-marketing. He sounded like he'd written some of the
code behind it.

His talk was simple: Here's what you do today, and it just doesn't
work against 0day. Here's some graphs we have that help you analyze
0day attacks on your network, which we generate by collecting every
packet you send. That way you can do your own anomaly detection
instead of relying on some sort of algorithm to give you fuzzy results.

*I* don't believe any sort of sniffer is the answer, but he was still
the best-in-show in my opinion. In any case, I'll be talking on the
panel today at 1:55pm if you want to come by and grade MY performance. :>

[1] http://infosecurityconference.techtarget.com/conference/index.html

- -dave
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


Dailydave mailing list
Dailydave () lists immunitysec com

Dailydave mailing list
Dailydave () lists immunitysec com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]