INSIGHT: RSA 2015… Rise of Chaos

INSIGHT: RSA 2015… Rise of Chaos

Here is my traditional RSA (#RSAC) reflection post for RSA 2015 Conference – all my personal opinions/impressions/thoughts, of course.


In the past at RSA, you easily noticed that there were “SIEM vendors”, “DLP vendors”, “TI providers”, “anti-virus vendors”, etc. There were also larger vendors that sold product of several categories.

But at least there WERE categories. My experience at RSA 2015 show floor really ruined this world view!

First I thought that it was about marketing (like a booth that says “security intelligence” really just sells SIEM or a booth that says “breach prevention” and really just sells …eh… eh… dumb marketing?), but deeper conversations with many vendors – big and small – lead me to believe that the product category walls in security are becoming very fuzzy indeed.

“DLP that may also catch malware”, “an agent that can stop risky user action, and also collect forensics data”, “a network forensics tool that also does some malware analysis”, “a SIEM that collects packets and TI”, “an analytic tool that detects lateral movements and excessive account privileges”, etc, etc.

So, what is going on here? Presumably the markets should settle to more firm product category boundaries … but maybe changes in threat landscape prevent that? Is security truly as unique as some say – a set of markets that will never mature? (in another space, it would be considered market devolution, not maturation).

Thus, will we eternally live in The Long Tail World, where the choices are plentiful and rapidly changing – but few people use each choice? How do you do security architecture in such a world?

After all, “place a firewall here, a NIDS over there” 1990s thinking likely won’t work when there is a dozen types of network threat detection products, with a lot of overlap in features and unknown (sometimes unknowable!) effectiveness in their detection approaches.

Why is this happening? One explanation is that vendors “go broad” and try to take over some adjacent niches – sometimes at the cost of losing their excellence in the core market. So, is this innovation or confusion?

Or, maybe vendors decided that sporks and foons sell better than spoons and forks? But while sporks may solve a real problem (less weight to carry on a hike? less utensil types to stock?), most people use spoons and forks on a daily basis (spork is a mediocre spoon and a worse fork, IMHO).

Another reason maybe that there is a lot of VC money in infosec / cyber today and any type of a hybrid product have a right – and money!- to exist, however narrow its niche?

Or maybe vendor flee what some see as discredited categories, like SIEM and DLP, and make up funky new ones to appear new and innovative?

Thus, if I am even close to being correct in this assessment, we will live in a very, very different world of “cyber.” A fun world – but a risky one, with A LOT more uncertainty! So, go ahead, let’s discuss!

P.S. Does it make you want to be an analyst?

By Anton Chuvakin - Research Analyst, Gartner

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Gartnermalwarersa



Malwarebytes shoots the breeze with channel, prospects

Malwarebytes shoots the breeze with channel, prospects

A Kumeu, Auckland, winery was the venue for a Malwarebytes event for partner and prospect MSPs - with some straight shooting on the side. The half-day getaway, which featured an archery competition, lunch and wine-tasting aimed at bringing Malwarebytes' local New Zealand and top and prospective MSP partners together to celebrate recent local successes, and discuss the current state of malware in New Zealand. This was also a unique opportunity for local MSPs to learn about how they can get the most out of Malwarebytes' MSP program and offering, as more Kiwi businesses are targeted by malware.

Malwarebytes shoots the breeze with channel, prospects
EDGE 2019: Channel forges new partnerships during evening networking

EDGE 2019: Channel forges new partnerships during evening networking

Partners, vendors and distributors reconnected during a number of social gatherings during EDGE 2019. The first evening saw the channel congregate for a welcome party at the Hamilton Island yacht club, while the main poolside proved to be the perfect stop for a barbecue on the final night.

EDGE 2019: Channel forges new partnerships during evening networking
Show Comments