 |
Everyone is looking for more visibility
at the RSA Conference, even the FBI's Fido! |
Everyone at this year’s RSA Conference was speaking the same language of needing and providing more operational visibility. Even the weather seemed to agree with the visibility discussion as the clouds cleared away each afternoon.
At VSS Monitoring, our mission has always been
centered on delivering total network visibility to optimize the effectiveness
of your security and network monitoring tools. InfoSec professionals around the
world rely on VSS to give their monitoring and security tools access and visibility to traffic across
networks without requiring physical reconfiguration. We’ll talk more about that
later. Right now, let’s focus on our top takeaways from this year’s RSA
conference.
 |
| Moving security tools in line is a key step for many attendees |
Get in line
The rate that new malware is being introduced into corporate networks is leaving no choice but to place security tools inline. That is clear. We heard from many attendees that bringing their security tools inline was critical. For some, this will be a first and concerns surrounding using SPAN ports, and not disrupting the network, were top of mind issues to be solved in 2015.
Sandboxes provide a safe
environment to analyze
malware
Sandboxes are Popular
environment to analyze
malware
Sandboxes are Popular
For others, sandboxing is viewed as the next step towards
getting ahead of emerging attack vectors. Combining endpoint security with a
secure sandbox environment to further analyze unknown files and malware is a
popular deployment scenario we discussed. In this scenario, attendees were
interested in learning how they could direct traffic to multiple tools while
also accommodating behavioral sandboxing. We spoke with many attendees that
needed a safe environment to isolate, analyze and ultimately address malware in
a contained environment.
 |
| RSA attendees are focused on closing the loop for security analysis |
Creating Closed Loops
Another way attendees are responding to the problem of
unknown malware is with cloud-based threat monitoring and intelligence
services. Attendees were keen to integrate cloud-based threat intelligence
feeds and architect a closed monitoring loop, using on-premise appliances as
well as and cloud-based services. We had several discussions on different ways
traffic could be directed through their tool chain and then forwarded out to a
cloud based security services for analysis.
While security tools will always be the darlings of the RSA
Conference, we spoke to a number of people who were not planning to deploy any
new tools in 2015. Instead these attendees wanted to focus on how they could
collect, analyze and direct the right data in real-time to the existing tools.
A truly refreshing thought.
It was good to see that the industry is quickly growing-up
and changing. Sound decisions regarding security architecture and how
everything (and everyone) needs to play together well for effective security
was a welcome thought.
While security tools will always be the darlings of the RSA
Conference, we spoke to a number of people who were not planning to deploy any
new tools in 2015. Instead these attendees wanted to focus on how they could
collect, analyze and direct the right data in real-time to the existing tools.
A truly refreshing thought.
It was good to see that the industry is quickly growing-up
and changing. Sound decisions regarding security architecture and how
everything (and everyone) needs to play together well for effective security
was a welcome thought.
No comments:
Post a Comment
Thank you for reading and for your comments. For product or solution inquiries, please visit www.VSSMonitoring.com