But arguably the biggest lesson we can learn at a Con is found on the vendor floor. The lesson might not be explicit, but the clues are there if you look closely enough. The first clue is that for every security problem there is a security solution. Got a malware problem? Anti-virus companies to the rescue. Your people always falling for phishing schemes? There is a thing for that. Network lousy with the APTs? Step right this way. There isn't just one solution for each problem; there are dozens.
The other major clue you pick up on the vendor floor is that if the standard security solutions aren't enough for you, the “next generation” version is totally going to work. Why waste time with those other guys who are merely doing an ordinary job with plain vanilla algorithms, when you could be doing the job with blockchain-enabled, quantum-powered, artificial intelligence awesomeness? The problems are getting worse, so the solutions need to be amazing, right?
We absolutely need vendors to produce security solutions, but most people don’t need ‘next generation’ anything because they haven’t mastered the basics. The fact that we’re halfway through 2018 and we’re still reading about how IT executives don’t know what their enterprises are made of tells us people are spending way too much time and effort looking up in the sky when they should be paying attention to what is going on at their feet. It's like the couch potato watching the Tour de France, then dropping a couple grand on a top-of-the-line racing bike, registering for a double-century... and then wondering why he woke up in the hospital.
Before you take that follow-up call from the vendors who scanned your badge at the big Con (no pun intended), take a minute to ask yourself: Do I really know what my enterprise is made of? Do I really know what I'm protecting? If the answer IS NOT a definitive “yes”, then you have more fundamental issues to address and, consequently, should be looking at a different kind of solution.
Feed a representative sample of network traffic (pcap) into Senrio Discovery to see what devices are on your network and who they’re talking to internally and externally. Use Senrio Insight to monitor network traffic in real time, understand what normal behavior is for specific devices or classes of devices, and get alerts when devices behave abnormally. Use our API or various data export formats to ingest that data into your asset management system or SIEM. Create firewall rules, IDS signatures, or integrate with other applications in your tech and security stack.
Senrio tells you what your enterprise is made of. Senrio helps you defend what's yours.