Good conference, a lot of interesting sessions and discussions during the 3 days.
I will try to give you my quick impressions on the trends of this year conference:
- Data leakage protection (DLP). Finally, IMO the products are mature and comprehensive. Maybe not yet ready for widespread adoption by SMBs, but very interesting propositions for when the security budgets will be on the rise.
- Compliance. This is the real driver of today’s security market. Products to help enterprises getting compliant with major regulations, typically Security Information Management (SIM) solutions are getting much attention in spite of not being a new market.
- Virtualization security. The hot concrete topic of this year conference. IMO, security professionals were again a bit late reacting to this trend but are now actively developing guidelines and services to addressing virtualization. The first results of these efforts are coming out. I strongly recommend the session of Dennis Moreau of EMC “Attacking and Defending Virtual Infrastructure” for a nice overview on the subject.
- Cloud security. The buzzword was the real HOT topic. Several tracks were addressing it but it was on every coffee discussions as well. I would like to thank Graig Balding of the cloudsecurity.org for many interesting discussions on the subject. My own conclusion from the conference is that security professionals are really skeptical about the subject, especially concerning compliance and SLAs. A very good illustration was the RANT session by Hugh Thompson. Interestingly enough, one of the only positive voices about cloud security was Philippe Courtot, the CEO of Qualys.
Sorry not to refer to many others’ interesting sessions, i’ll try to get back to them in a later post. Anyway, good conference and i hope that these first notes fuel some more feedback from the other participants or from other people as well. Please add yours thoughts.