Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

2/24/2012
09:58 AM
Commentary
Commentary
Commentary
50%
50%

Don't Be Fooled By Buzzwords, Flash, And Empty Promises

Heading to San Francisco for RSA, BSides and AGC? Make sure you know how to navigate the vendor gauntlet

Click here for more articles.

Next week is going to be a busy one in San Francisco. Three conferences, America’s Growth Capital’s 2012 event, Security BSides San Francisco, and the RSA Security Conference are all next week and there will certainly be no shortage of security monitoring vendors clamoring to entice you with their technological cures for what ails your organization’s pain.

Unfortunately, there will be a handful of buzzwords to wade through and you need to be prepared to ask the right questions to understand their actual meaning. Here are some of the words to look out for while walking around the events, talking to vendors, or sitting through a presentation:

1) Next-Generation – what makes the product a "next generation" solution? Ask the vendor to clarify the product’s evolution from its previous generational state in addition to the iterative steps taken to get there (a.k.a the roadmap). Also, if the product is positioned as next-generation based on its superiority over a competing solution, make the vendor prove it. Ask for some customer references that have evaluated both solutions (without the vendor on the phone) and see if the customer can explain what makes vendor "A" more next-generation than vendor "B."

2) Big Data – has the vendor simply slapped the term "big data" onto marketing materials because their product can consume, correlate, and present lots of data? Ask the vendor how their product compares to an analytics platform that leverages big data technologies/capabilities that have been vetted by organizations with REAL big data problems. If they try to tell you that Hadoop-based or similar analytics platforms aren’t scalable, couldn’t possibly do the same job or that their flat file format works better, ask them to prove it with statistical and comparative evidence.

3) Intelligent – what makes it intelligent? Can it stop attackers, do your taxes, and make waffles? What makes this release more intelligent than previous versions? Is it simply that the product now integrates with five more third-party products than it did this time last year? Are you now able to compare the offending IP address or host to a public blacklist? Is the workflow that makes it intelligent? "Intelligent" is one of those terms that marketing people likely thought sounded less pretentious than "next-generation," but still conveyed how much better.

The ultimate question that you must ask all security monitoring vendors at conferences like these is “what makes your product more intelligent/advanced/capable than ‘xyz company’s’ product?” If the representative can’t explain it to you without drawing on buzzwords and non-committal fluff, ask for a follow-up conversation with a technical resource, ideally the CTO or lead architect, when you return to the office. If you notice the person on booth-duty leaning into a pitch, don’t be afraid to stop them and challenge what they’re saying with some questions of your own. After all, you’re there to learn about the product/service on your terms, not theirs.

P.S. For additional points, ask the person you are talking with to explain what exactly their product does in 15 words or less (something that will likely be more fun for you than for the vendor trying to explain).

Andrew Hay is senior analyst with 451 Research's Enterprise Security Practice (ESP) and is an author of three network security books. Follow him on Twitter: http://twitter.com/andrewsmhay

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
MS8699
50%
50%
MS8699,
User Rank: Apprentice
2/28/2012 | 4:11:27 AM
re: Don't Be Fooled By Buzzwords, Flash, And Empty Promises
RSA Security Conference are all next week and there will certainly be
no shortage of security monitoring vendors clamoring to entice you with
their technological cures for what ails your organizationGs pain.-
I 'Hacked' My Accounts Using My Mobile Number: Here's What I Learned
Nicole Sette, Director in the Cyber Risk practice of Kroll, a division of Duff & Phelps,  11/19/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5087
PUBLISHED: 2019-11-21
An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary code....
CVE-2019-5509
PUBLISHED: 2019-11-21
ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account.
CVE-2019-6693
PUBLISHED: 2019-11-21
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the admini...
CVE-2019-17272
PUBLISHED: 2019-11-21
All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges.
CVE-2019-17650
PUBLISHED: 2019-11-21
An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check.