Oddly enough my big takeaway from the Black Hat security conference was not about security – it was about innovation. It seems many of the disruptive trends we have been talking about are finally taking hold, finding mainstream acceptance and recognition. We have been talking about cloud computing for a long time – Rich has been teaching cloud security for four years now – but people seem to be really ‘getting’ it. It takes time for the mainstream to fully embrace new technologies, and only then do we see disruption fully take effect. It is as if you need to step fully into the new environment before what’s really possible takes shape and starts to manifest itself. Fo example, when the Internet hit big in 1996 or so, we talked about how this would hurt “brick and mortar” retail, but it was a good 7 to 10 years before that reality fully manifested. Only then did the change take full effect, and few industries were left untouched. We are just now reaching that point with the cloud, mobile, and NoSQL databases, and getting here has been exciting!
When I talk about security analytics it is nearly impossible for me to do so without first talking about NoSQL and the value of “big data”. NoSQL enables me to inexpensively scale up to collect all the data I need. NoSQL allows me to easily pull new and complex data types for analysis. NoSQL facilitates more programmatic use of stored data, and my choice of NoSQL architecture lets me tailor a solution to analytics or real-time response. Security analytics is the goal, and you don’t need to have NoSQL, but the disruptive innovation of NoSQL makes it better and cost-effective. NoSQL has been around for a long time, but the possibilities for security analytics are only being widely considered now that most firms have taken their first steps into the new world.
The same is true for DevOps, which is the culmination of several technology advancements reinforcing each other. The API economy is making the cloud, mobile, and various other services accessible. It is being driven by development teams who need to be more agile and efficient. DevOps offers virtual on-demand resources. DevOps does not depend on the cloud, but the cloud makes it better. This evolution of several pieces has suddenly created something bigger than the sum of its parts.
Even better, all these new technologies build in security components. I was more amazed to see disruptive innovation manifest, but there were significant efforts to build security into each of these trends. Life will be very interesting over the next 4-5 years.
On to the Summary:
Webcasts, Podcasts, Outside Writing, and Conferences
- Mike quoted on context-aware security in SearchNetworking.
- Mike quoted in coverage of Wendy Nather as a “Power Player” in IT Security. Wendy is awesome and one of our favorite people in the industry. Mike couldn’t be happier to be quoted.
- Mike’s “Change Agent”: Trusted Information Systems. Mike did a blog post/video for Digital Guardian naming a “change agent” with an impact on how security has evolved… Check it out.
- Adrian and Mort talk Big Data with George Hulme.
- Mort quoted in “Communicating at the speed of DevOps”.
Favorite Securosis Posts
- Mike Rothman: Suing Gartner. I’m surprised I didn’t get more comments on this post. Kind of counter-intuitive. Unless maybe it’s not and everyone else figured out that NetScout is grandstanding before I did…
- Adrian Lane: Butterflies. Morphing. It’s this week’s theme.
- Dave Lewis: Trolling Mass Media.
Other Securosis Posts
- It’s not a problem until someone dies….
- Cloud File Storage and Collaboration: Additional Security Features.
- Friday Summary, August 1, 2014: Productivity Metrics edition.
Favorite Outside Posts
- Mike Rothman: Mark Twain’s Top 9 Tips for Living a Kick-Ass Life.
- Adrian Lane: Military Companies Brace for Rules on Monitoring Hackers. It’s one thing to disclose a breach to a partner – it’s another to let the partner conduct the forensic analysis. Most firms don’t trust their business partners enough to give them unfettered access to their systems. And the government has many interests outside supplier agreements. We will see how this shakes out.
- James Arlen: SEC failed to guard sensitive information.
- Dave Lewis: Weak Passwords: Mel Brooks Warned Us.
- David Mortman: Multipath TCP speeds up the internet so much that security breaks. <– Ooops. AKA stateful firewalls break multi-homed BGP if you don’t architect correctly….
Research Reports and Presentations
- The 2015 Endpoint and Mobile Security Buyer’s Guide.
- Analysis of the 2014 Open Source Development and Application Security Survey.
- Defending Against Network-based Distributed Denial of Service Attacks.
- Reducing Attack Surface with Application Control.
- Leveraging Threat Intelligence in Security Monitoring.
- The Future of Security: The Trends and Technologies Transforming Security.
- Security Analytics with Big Data.
- Security Management 2.5: Replacing Your SIEM Yet?
- Defending Data on iOS 7.
- Eliminate Surprises with Security Assurance and Testing.
Top News and Posts
- Espionage programs linked to spying on former Soviet targets.
- Dan Geer’s Blackhat Keynote.
- The Lie Behind 1.2 Billion Stolen Passwords.
- Is Amazon Web Services Really Down and Out?
- Facebook Buys Security Firm PrivateCore.
- 8 Patterns For Continuous Code Security.
- Safari for OS X gets “click-to-own” security holes patched.
- Tenn. Firm Sues Bank Over $327K Cyberheist via Krebs.
- Last Hacker Standing, Episode IV – The Last Hope. Martin’s new podcast.
- Snowden says NSA was responsible for 2012 Syrian internet blackout.
- Dead Simple Encryption. Forget encryption: Why won’t anyone build an open-source key manager?
- Security Kahuna Podcast: Las Vegas Edition.
- ERP: Protecting the pipeline by focusing on business-critical platforms.
- Improving Malware Detection in Firefox.