Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

2/24/2012
09:58 AM
Commentary
Commentary
Commentary
50%
50%

Don't Be Fooled By Buzzwords, Flash, And Empty Promises

Heading to San Francisco for RSA, BSides and AGC? Make sure you know how to navigate the vendor gauntlet

Click here for more articles.

Next week is going to be a busy one in San Francisco. Three conferences, America’s Growth Capital’s 2012 event, Security BSides San Francisco, and the RSA Security Conference are all next week and there will certainly be no shortage of security monitoring vendors clamoring to entice you with their technological cures for what ails your organization’s pain.

Unfortunately, there will be a handful of buzzwords to wade through and you need to be prepared to ask the right questions to understand their actual meaning. Here are some of the words to look out for while walking around the events, talking to vendors, or sitting through a presentation:

1) Next-Generation – what makes the product a "next generation" solution? Ask the vendor to clarify the product’s evolution from its previous generational state in addition to the iterative steps taken to get there (a.k.a the roadmap). Also, if the product is positioned as next-generation based on its superiority over a competing solution, make the vendor prove it. Ask for some customer references that have evaluated both solutions (without the vendor on the phone) and see if the customer can explain what makes vendor "A" more next-generation than vendor "B."

2) Big Data – has the vendor simply slapped the term "big data" onto marketing materials because their product can consume, correlate, and present lots of data? Ask the vendor how their product compares to an analytics platform that leverages big data technologies/capabilities that have been vetted by organizations with REAL big data problems. If they try to tell you that Hadoop-based or similar analytics platforms aren’t scalable, couldn’t possibly do the same job or that their flat file format works better, ask them to prove it with statistical and comparative evidence.

3) Intelligent – what makes it intelligent? Can it stop attackers, do your taxes, and make waffles? What makes this release more intelligent than previous versions? Is it simply that the product now integrates with five more third-party products than it did this time last year? Are you now able to compare the offending IP address or host to a public blacklist? Is the workflow that makes it intelligent? "Intelligent" is one of those terms that marketing people likely thought sounded less pretentious than "next-generation," but still conveyed how much better.

The ultimate question that you must ask all security monitoring vendors at conferences like these is “what makes your product more intelligent/advanced/capable than ‘xyz company’s’ product?” If the representative can’t explain it to you without drawing on buzzwords and non-committal fluff, ask for a follow-up conversation with a technical resource, ideally the CTO or lead architect, when you return to the office. If you notice the person on booth-duty leaning into a pitch, don’t be afraid to stop them and challenge what they’re saying with some questions of your own. After all, you’re there to learn about the product/service on your terms, not theirs.

P.S. For additional points, ask the person you are talking with to explain what exactly their product does in 15 words or less (something that will likely be more fun for you than for the vendor trying to explain).

Andrew Hay is senior analyst with 451 Research's Enterprise Security Practice (ESP) and is an author of three network security books. Follow him on Twitter: http://twitter.com/andrewsmhay

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
MS8699
50%
50%
MS8699,
User Rank: Apprentice
2/28/2012 | 4:11:27 AM
re: Don't Be Fooled By Buzzwords, Flash, And Empty Promises
RSA Security Conference are all next week and there will certainly be
no shortage of security monitoring vendors clamoring to entice you with
their technological cures for what ails your organizationGs pain.-
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/10/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Hacking It as a CISO: Advice for Security Leadership
Kelly Sheridan, Staff Editor, Dark Reading,  8/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15596
PUBLISHED: 2020-08-12
The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file.
CVE-2020-15868
PUBLISHED: 2020-08-12
Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control.
CVE-2020-17362
PUBLISHED: 2020-08-12
search.php in the Nova Lite theme before 1.3.9 for WordPress allows Reflected XSS.
CVE-2020-17449
PUBLISHED: 2020-08-12
PHP-Fusion 9.03 allows XSS via the error_log file.
CVE-2020-17450
PUBLISHED: 2020-08-12
PHP-Fusion 9.03 allows XSS on the preview page.