Dispatch from RSA

Feb 19, 2017

I attended the RSA Conference in San Francisco last week, a yearly gathering of cybersecurity professionals and security vendors. I attended my first conference as an OX representative last year, and it’s been interesting to see how the security industry has changed (or not!) since then.

Wandering the expo floor is a good way to do this; looking at my blogs from last year I commented on the rise of Machine Learning as an industry buzzword – this has now become endemic, and no self-respecting vendor would fail to include those magic words somewhere in the description of their solution. As always it’s hard to sort out the truth from reality, but what is clear is that Machine Learning is becoming mainstream.

I attended a talk on Wednesday by Microsoft, discussing how they use ML in their Azure service to disrupt attacks and detect compromised servers. This followed on from a talk last year where they discussed how they use ML to detect login abuse. It seems clear that ML has some practical uses in security, however it’s also clear that it is not a panacea; Microsoft admitted themselves that they are still in the early stages of using ML, and that it’s often combined with rules-based models to achieve good efficacy. What is great however is that a lot of tools and services are available to get started with Machine Learning, often open-source or free: e.g. TensorFlow, or Microsoft Machine Learning Studio.

Another great talk I attended yesterday was about Open-Source Security, presented by Nicko van Someren from the Core Infrastructure Initiative. The Core infrastructure Initiative is attempting to improve the security of core internet infrastructure, (for example by funding projects such as openssl), and has many similarities with the folks over at the Mozilla Secure Open Source initiative, whom I’ve blogged about before. Nicko’s presentation was primarily about how to make open-source software secure (a topic close to my heart obviously), although mainly of the points applied equally to *any* software development. I was very pleased to see that we already implement a lot of the processes he recommends, although we definitely could improve in a few areas, particularly threat modelling at the design stage, and use of fuzzing software in our CI processes.

Quite a few of the talks I’ve attended this week have stressed a point which I particularly agree with – “Security is a process, not a product”. Processes don’t have an endpoint (you’re never “done” with security), and we should always aim to improve the process to improve the outcome, which is more secure products for our customers.

About the author

Neil Cook

Neil Cook

PowerDNS Head of Product

Categories

Related Articles

Dovecot Pro and Lua

As 2019 begins, we at Open-Xchange would like to provide you with an update and a few details regarding the latest Dovecot...

Michael Slusarz Feb 14, 2019

From Latin America to the Far East

The summer of TES in 2018 goes all around the planet – and for a project that was born in the heart of Europe, this is a...

Vittorio Bertola Aug 28, 2018

Keeping your family safe and secure online

Securing all of the various devices in your home is vital to prevent cyber-attacks and to close gateways to harmful content....

Alexander ter Haar Aug 27, 2018

Introducing OX Summit Partner: Vade Secure

According to Cofense, a successful phishing attack costs a mid-sized organization $1.6 million on average. Moreover, FBI...

Frederic Maussion Aug 21, 2018