Thursday, October 19, 2006

So, What IS Hot?

Yeah... I know I am late with this, but it is still fun... Knowing that I am following the security market developments religiously, a friend just asked me "what's hot in security now?" He was looking to escape a certain dying SIM vendor (you can easily guess which vendor it was, BTW...) So I thought "Ok, what IS hot now?"

Well, NAC is hot for sure. It is steaming hot, and I suspect it will start to cool down a bit next year. But NAC is not "novel-hot" since folks have been talking about it for at least 2 years. It is "deploy-it-hot!" NAC leads to all things "endpoint security" as well.

Believe it or not, but I think that log management is hot. Is that my head or my vendor hat speaking? ;-) The main reason I think it is hot is that people are being forced to log more, but, in general, lack tools to deal with the results. Whoever can creatively solve it (hint-hint) will rule the world (well, maybe :-))

And, BTW, here is what DarkReading folks consider hot. Their list is:

  • Browser Anonymizers
  • Core Security's Impact
  • Voltage Security's Identity-Based Encryption
  • Blue Lane's Virtual Patches
  • Lockdown Networks' NAC Enforcer
  • Secure Code-Scanning Tools

So, NAC, yeah... Core Impact is certainly cool, but is it hot? I dunno; it is still a bit of an esoteric niche tool, even if useful and cool. Further, I would opine that secure code scanning tools are NOT hot. Many people still ignore them and pretend they don't exist :-) And please, someone explain how a "virtual patch" is not a regular NIPS? Didn't ISS call their NIPS "virtual patching" a good number of years ago...? Identity-based encryption is way cool, no doubt. But I'd wait for broader deployment of such technologies before I consider it hot. After all, even Gartner has a list of "cool" vendors, which is often different from the list of hot technologies climbing the famous hype curve...

Here is what Matasano folks consider hot.

  • Static Code Analysis
  • Passive Scanning
  • Identity Based Encryption
  • Assessment Accelerator [for Dynamic Code Assessment]
  • 802.11x VLAN Assignment
  • Black Box Vulnerability Testing

On a related note, the "What is hot?" question invokes the related "what is NOT?" question. Now I realize that by providing such a list you can offend people. So? I don't think that a smart person should be offended by such a label, since the primary reason why something becomes "not hot" is by entering the mainstream, where you can potentially earn more money (and have fun in the process as well). In light of this, I think that standalone anti-spyware has recently entered the "NOT list"; NIDS is certainly a major "NOT" even though I still think that inventing a "better NIDS" is not futile (and of course that intrusion detection is important!). So I will start tracking the "NOT list" from now on.

  • Dr Anton Chuvakin