Dennis Charlebois from Hexis Cyber Solutions has created a show stopper when it comes to presenting his message: Agent Smith (“Never send a human to do a machine’s job.“) as a full on, 3d, talking representative. I have Dennis describe how Agent Smith was created and what his future plans are for the technology.
Oh, by the way, there is also a product behind the marketing: “Hexis identifies, validates and removes advanced threats automatically at machine speeds; before the damage is done.”
Just to show there I have no hard feelings after Canada beat USA in the hockey during the Olympics, I spoke with Keith Murphy, CEO of Defence Intelligence. Keith’s company specializes in advanced malware protection… plus he has a cool collection of hockey jerseys.
Resources in this Segment
Ryan Berg and I were walking the expo floor at RSA Conference 2014 and ran into Michael Coates. We stopped for a chat to find out what Michael has been up to and the plans for the future of “Shape”.
Resources in this Segment
- Shape Security
The ShapeShifter offers the first comprehensive defense against major web attacks. Existing security technologies try to detect attacks based on how they appeared or behaved in the past. This is not effective against adversaries who are constantly changing their code and behaviors to avoid detection. It also does nothing against previously unknown attacks.
- Michael Coates
Michael Coates, director of product security at Shape Security, was previously head of security at Mozilla, where he built the security program from the ground up to protect Firefox and other products. Coates is also the Chairman of OWASP, the worldwide organization dedicated to web application security, with over 40,000 participants in more than 100 countries.
- Ryan Berg
Ryan is the Chief Security Officer at Sonatype. Before joining Sonatype, Ryan was a co-founder and chief scientist for Ounce Labs which was acquired by IBM in 2009. Ryan holds multiple patents and is a popular speaker, instructor and author, in the fields of security, risk management, and secure application development. Prior to Ounce Labs, Ryan co-founded Qiave Technologies, a pioneer in kernel-level security, which later sold to WatchGuard Technologies in 2000. In the late 1990′s, Ryan also designed and developed the infrastructure for GTE Internetworking/Genuity’s appliance-based managed security services.
The SandBox area at RSA Conference 2014 has a huge board setup and a couple computer terminals where you can input a data, create a future vision statement and then have it put on the board. I like this a lot. Here’s an image from the first day. I’ll take another one at the end of the conference to see how dense the visions are around 2030.
I like the simple messages these two companies are putting out at the 2014 RSA Conference. Don’t make me think. Don’t make me read. Just let me know what you do and if I need it, I’ll come right over. Nice messaging work by Klocwork, and Garner Products, Inc,
Any question about what Klocwork does? I didn’t think so. I’ll be talking to this team later today.
Garner Products, Inc is a little geeky, nothing sexy, but a clean, simple message that will immediately get your attention when it’s time.
Simple and clear from both of these companies. Granted, the concepts they are trying to get across are simple, but isn’t that the point? Ok, enough of the “messaging” soapbox. I’m back in the hunt for new ideas and companies.
I am at the RSA Conference in San Francisco this week, searching for new ideas and companies that might change the way we think about application security. I was given access to the expo floor yesterday as the event was getting setup and came away with some observations.
As in most conferences, the big companies are in the middle of the floor, while the smaller ones are relegated to the edges of the main conference hall. The edge cases are where I’m going to spend most of my time over the next three days. An interesting observation is that the larger the booths, the more money spent, the more obtuse the message. This isn’t just a problem in the security conference industry, but all industries.
As a company grows and changes, the legacy messaging gets morphed into the larger picture where all angles are trying to be covered in one message. It’s a systemic problem. In 90% of the booths, I could not tell what they were doing, what their product actually did or who their market was.
That leads me to my main point as I start to filter content coming from the conference. I want to do 15 or 20 interviews and reviews of sessions, keynotes and companies that I find interesting. I’ll be looking along the edge cases for those with simple messages and clear vision. Let’s see what I can come up with.
I was able to have a wonderful conversation with Riotaro Okada and Robert Dracea this morning, talking about the upcoming 2014 AppSec APAC Conference in Tokyo. This interview is unique, in that we have the English and Japanese responses integrated into the conversation.
This is the first event of its kind in Japan and you can tell the locals are very excited about the possibilities, from internationally recognized speakers to showing visitors the hospitality of Japan. We begin the discussion with how the Tokyo OWASP Chapter was started and how it led to the AppSec APAC Conference.
Mark Arnold helps run a very successful OWASP chapter in Boston. In this extended discussion, I talk with Mark about why the chapter is doing so well, what lessons others could learn from his chapter’s success and what he would like to see happen to gain a broader audience for the group.