In my previous blog post, I discussed some key takeaways that I got from the talks I attended in the recently concluded RSA 2013 in San Francisco, California. This time around, I want to share in length, some of these noteworthy sessions.
Innovation Sandbox was a packed session that Hugh Thompson ran quite deftly. Ten startups were selected and given three minutes to explain their technology, followed by a two-minute question-and-answer session, with questions coming from the judging panel, made up of industry experts.
All the company representatives talked about what they were doing and had to prove why their solution would work and generate revenue in the future. A white board session followed where thoughts from the audience were taken and put on an online whiteboard.
The participants also had the opportunity to meet (or “date”, as they put it) with potential investors in an igloo-styled hut. Winners from previous years were also present to share their experiences and mingle with the participants.
Panel discussion on future of end point security
This panel discussed how changes in end-points are changing the security landscape. Bring Your Own Device (BYOD) and Virtual Desktop Infrastucture (VDI) are ensuring that enterprises no longer have the same control over theirs networks and devices that they had in the past. Solutions such as traffic filtering, network access control (NAC), software defined security (SDS) vs. traditional solutions were discussed. There was no definitive answer - each technology has its uses, pros, and cons – but the points that came out from these discussions were quite insightful.
Awareness Doesn’t Matter: A Behavior Design Approach to Securing Users
This session talked about how user behavior could be used to trigger potential security alerts. This is an interesting area for research, but in actual usage is prone to false positives. However, in situations where security is an absolute must and false positives can be tolerated, this may be of use.
Malware Hunting with Sysinternals
Mark Russinovich, the author of the Sysinternals tools suite, gave a brilliant talk about what’s new with Sysinternals tools and how these can used for malware analysis. His aim was to show how to carry out a quick analysis if there are any suspicious files on a system. He also discussed future developments, like more color coding for faster visualization of event. Russinovich kept the tone of his talk light, thanks to his wit and sense of humor.