Last updated at Mon, 24 Jul 2017 17:44:25 GMT

Happy recovery from your trips to Black Hat, everyone!

I always like to take the time to get away from the Rapid7 booth at conference events to get a feel for the trends in the industry, primarily based on the newest exhibitors and the traction they get. The floor seemed a little smaller than last year, but I think that there might have just been more space occupied by the larger security vendors and the technology companies that continue to acquire their way into the industry.

The smaller booths that I saw getting the most foot traffic for demos and sales discussions seemed to focus on a few main value propositions:

  • Big Data – whether it is around “analytics” or just the lowly “intelligence”, Big Data continues its expansion into the Security industry.
    • Solera (acquired by Blue Coat in May) once again managed the strongest demo in this space.
  • Analytics (Behavioral and Malware) – new insight into what users and malware are doing on your network was at least enough to pique people's interest.
    • On the Malware side, Seculert definitely caught my eye with their approach to finding and dissecting samples of malware for use in finding it on customer networks.
    • Meanwhile, the simple effectiveness of FileTrek's "Observe. Analyze. Act" tagline was enough for me to stop and ask for more.
  • Insider Threats – whether you are talking about banking or enterprise accounts, detecting insider fraud has always been a tough claim to make. Maybe that is why I saw people looking to hear how some newer companies were attempting to do so.
    • The level of detail available in SpectorSoft's Spector360 product may be hard to match, but it is as easy to understand as you would expect from a company that originally designed products to help parents.
  • APT protection – I think that this is nothing new to the Black Hat crowd, but based on the lack of a perfect solution, I continue to see new companies promising that they can protect you against the perils of targeted attacks. I expect to continue seeing new attempts at this lofty goal, but would be excited to see someone prove me wrong!
    • Lastline's Previct product had the clean look that drew my attention, as well as enough others to always see a demo running.

My biggest takeaway from the solutions I saw at these booths and new offerings from the veterans is that we might be confusing the word “analytics” with producing more interesting data without enough context. I feel like security professionals are faced with the challenge of layering together dozens of the hundreds of solutions available, with each promising more and more relevant information. How can a security team possibly process every data point about insider threats, malware, targeted attacks, etc. and draw conclusions quickly enough to have a significant impact?

One quick observation, and I may not have seen the best sample size in a couple of trips around, is that attendees treat a major party and cool t-shirts like an iPhone release, whereas they blow past everything else as New Yorkers would a man stating 'The End is Nigh'. Thanks to Blackhat's Flickr page for this amazing snap of the line at our booth! Gladly, the FireEye robot stayed true to the Three Laws of Robotics.