Security Is Business

Infosecurity Moscow has finished. I have to say if you have not attended the conference you lost nothing. Most interesting thing that I found there are friends for live conversation.

Everybody is trying to stick a label on their products with a precious word "security". You could find there a traffic analyzer, rebuilt for security needs; most secure document workflow system; a boy who was trying to sell sniffer that can recover passwords from broadcast segment; companies, known to nobody, which have the magic word on their advertisement.

Known security firms are trying again and again to sell their products to us - new, fully rewritten version of antivirus, new IDS system with a new glossy interface, new security scanner (after re-branding). So many conference sessions made by people who are just managers and sales. They can not answer any single question, which was not mentioned in the presentation.

It seems like nobody can make good identity management system, because it is complex. Nobody can make real log management system with good analysis engine, because it is hard. Nobody can give you advise, because it is their know-how.

I am attending Infosecurity Moscow again next year, but only for networking with friends.