I recently attended the RSA 2016 conference in San Francisco along with a few of my colleagues. We spent the week interacting with clients and prospects, learning about industry solutions, and sharing our thoughts on the Digital Defense, Inc. (DDI) differentiators and strengths.
DDI offers three core solutions to help organizations mitigate information security risks: Vulnerability Management, Penetration Testing and Security Awareness Training. Most people who visited our booth were intrigued by our unique delivery model, Vulnerability Management as a Service (VMaaS™). One of the most significant benefits of our VMaaS is how we help organizations understand their maturity level and achieve higher levels of security within their VM process. In addition, representing DDI’s technical arm, I had the opportunity to clarify and stress that DDI develops its own proprietary SaaS-based VM technology, and to explain where we have significant strengths over our competitors in the VM space.
DDI solves a critical problem faced by all VM solution providers, in which perplexing scanning issues can lead to breaches; it is explained in detail here. I share how DDI uses 20+ discoverable network endpoint characteristics (e.g. IP address, various hostnames, MAC address if discoverable, open ports, applications and many more) simultaneously. This is similar to how modern fingerprint matching works, and it is used to track endpoint hosts over time, from one point-in-time assessment to another. Many scanning tool vendors in the marketplace today use only a 4- or 5-point system. Even if your VM provider is 100% accurate within one point-in-time scan, they still experience data “drift” as they mismatch hosts across many assessments over time. This drift can result in “dirty data” within the VM system as well as within their integrated security ecosystem. I found most of the professionals I spoke with at the RSA event understood the challenge and have seen anomalies within their own systems, leading them to question the accuracy of their data. I have been warning the information security community of this limitation in VM systems for over two years and was pleased to see that people understand, more than ever, that the underlying changing network has serious implications for their security technology and the resulting portrayed information security risk.
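As an added illustration of the drift described above (not DDI's code or algorithm; the attribute set, weights, threshold and host records are all constructed assumptions), this example matches hosts across two scans by weighted agreement over several attributes and compares the result with IP-only matching after two addresses are swapped:

```python
# Added example, not DDI's algorithm: weights, threshold and records are constructed.
WEIGHTS = {"ip": 1.0, "mac": 3.0, "hostname": 2.0, "ports": 1.5, "os": 1.0}
THRESHOLD = 0.5  # minimum normalised score to treat two records as the same host

def similarity(old, new, weights=WEIGHTS):
    """Weighted agreement over attributes observed in both records (0..1)."""
    score = total = 0.0
    for attr, w in weights.items():
        a, b = old.get(attr), new.get(attr)
        if a is None or b is None:  # not discoverable this scan: skip, don't penalise
            continue
        total += w
        if attr == "ports":  # Jaccard overlap of the open-port sets
            union = a | b
            score += w * (len(a & b) / len(union) if union else 1.0)
        else:
            score += w * (a == b)
    return score / total if total else 0.0

def match_scans(previous, current, weights=WEIGHTS, threshold=THRESHOLD):
    """Greedy best-first one-to-one matching: {current_id: previous_id or None}."""
    pairs = sorted(
        ((similarity(p, c, weights), pid, cid)
         for pid, p in previous.items() for cid, c in current.items()),
        reverse=True,
    )
    result, used = {cid: None for cid in current}, set()
    for s, pid, cid in pairs:
        if s >= threshold and pid not in used and result[cid] is None:
            result[cid] = pid
            used.add(pid)
    return result

# Constructed sample: between the two scans, DHCP swapped the two addresses.
SCAN_1 = {
    "asset-1": {"ip": "10.0.0.5", "mac": "aa:bb:cc:00:00:01", "hostname": "web01",
                "ports": {22, 80, 443}, "os": "linux"},
    "asset-2": {"ip": "10.0.0.6", "mac": "aa:bb:cc:00:00:02", "hostname": "db01",
                "ports": {22, 5432}, "os": "linux"},
}
SCAN_2 = {
    "obs-a": {"ip": "10.0.0.6", "mac": None, "hostname": "web01",
              "ports": {22, 80, 443, 8080}, "os": "linux"},
    "obs-b": {"ip": "10.0.0.5", "mac": "aa:bb:cc:00:00:02", "hostname": "db01",
              "ports": {22, 5432}, "os": "linux"},
}
IP_ONLY = {"ip": 1.0}  # degenerate one-attribute matcher, for comparison
```

Calling `match_scans(SCAN_1, SCAN_2)` keeps each asset's history attached to the right machine, while `match_scans(SCAN_1, SCAN_2, weights=IP_ONLY)` attaches the web server's findings to the database host and vice versa.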
Each year, Anton Chuvakin of Gartner posts an eye-opening blog on his observations of the RSA conference. He warns that his feedback is ‘harsh and a bit curmudgeonly.’ He shares his concerns that many vendors offer solutions which are not very valuable or they are touting silver bullets. I completely agree with his view. In walking around and visiting other booths at RSA I’ve often wondered how many of these companies are making money with the solutions they are offering. Having “grown up” as a software developer and systems architect, and having always been involved in the development (and yes, tons of coding) of our products, I share with you that developers typically are motivated by their cool solution, but may not know whether it is cost effective or even if it is solving the right real-world problem. And with that, I understand how many solutions emerge and how the value may be questioned by the end user.
Leaving RSA, I compared the DDI approach to others and left the conference genuinely proud of how we work to improve our cutting-edge technology and managed support so that our vulnerability management solutions focus on what is most important to the end customer.