RSAC 2011: RSA Conference Live – Day 1 (IMG: Steve Ragan/J.Anderson)
This week The Tech Herald will be bringing you live coverage of events as we attend RSA Conference 2011. There's a good deal of excitement, as vendors prepare to show off their latest and greatest. So as we move through the week, we'll update the site with images and news from the show. Here are all the highlights from day one.
Update – 10:00 a.m.
After an eventful morning, we're heading to B-Sides. However, there are some interesting items of note.
On Friday at RSA, President Bill Clinton is scheduled to give a keynote titled, “Embracing our Common Humanity” The image below is for members of the press planning on covering it.
Happy Valentine's Day!
Update – 9:00 a.m.
Had an interesting meeting with nuBridges, the Atlanta-based company that centers their efforts on Tokenization. In truth, they were one of the first to bring the data security method to the market in 2009. Oddly, that was the year, that The Tech Herald was introduced to the company and their Vice President of Product Development, Gary Palgon.
This morning, Gary told us that nuBridges is moving to the cloud with their Tokenization offering. They call it Tokenization as a Service, or TaaS. What this means is that, companies who outsource their data to hosted services, or if you have to use the term, the Cloud, can still protect their data at rest and in motion.
Tokenization as a Service works exactly like an in-house Tokenization offering, the major difference is the ability to generate a token and store the sensitive data in a hosted environment. TaaS will work with credit card data, as well as any other PII, such as Social Security Numbers, salary information, passport details, and more. For their TaaS roll-out, nuBridges' hosted environment leverages Verizon Business' CaaS (Computing as a Service).
As expected, the key management, administration, and all operational aspects will simply move to the Cloud. Customers who are using the internal offering will notice very little difference between the TaaS when it comes to operations. Customers have the ability to move from internal hosting to TaaS with ease, thanks to product enhancements made earlier last year. Pricing for nuBridges' TaaS are based on monthly volume.
Day 1 - 8:00 a.m.
The sky is overcast and there's rain for opening day at RSA Conference 2011. This doesn't seem to surprise or bother many people, given that it is San Francisco, but it's keeping everyone inside. The vendors are all scurrying about, addressing last minute set-up needs at their booths, and most of the attendees are either in workshops or coffee houses.
Later this morning, we will meet with nuBridges, an Atlanta-based company that specializes in database and data security. We'll also head to B-Sides San Francisco, which we're looking forward to.
In other conference related news, Stonesoft, a security vendor with roots in Finland, reported the discovery of more than a hundred new AETs or Advanced Evasion Techniques.
AETs were first reported in October 2010. Since that time, Stonesoft has continued to research the problem, which led to the discovery of 124 new threats. Many vendors claimed to have “fixed” the product vulnerabilities disclosed in CERT-FI’s initial advisories on the 23 AETs discovered last fall, a Stonesoft press release said, but real-life testing shows otherwise.
“It seems that those who claim to have 100 percent protection against advanced evasion techniques do not really understand the magnitude of the problem nor have they done enough research around the issue. The discoveries made so far are only the tip of the iceberg,” says Joona Airamo, chief information security officer at Stonesoft.
For example, real-life testing in Stonesoft’s research lab confirms that AETs are still able to penetrate many of the systems that claim they are fully patched.
“This demonstrates that most vendors are only providing temporary and inflexible fixes to the growing AET concern, rather than researching and solving the fundamental architecture issues that give way to these vulnerabilities,” Stonesoft said in a press release. More information on their AET research can be found online (www.stonesoft.com) or at their booth (2533)
More updates to follow.