By Sean Martin, CISSP
With so many companies hitting the infosec scene over the past few years, analysts have tried to help the industry get a handle on what’s out there by putting vendors and their technologies in "buckets." However, these buckets tend to get so big – and also so numerous – that it's hard to figure out what's what and who’s who. How can you tell two companies apart, let alone 5 or even 10?
Events such as Black Hat are a great way to see and hear what’s happening in the market first hand – straight from the vendors themselves. You can explore every aisle of the expo floor and try to visit every vendor, but this can be an exhaustive – and, quite frankly, meaningless – task if there is no clear objective in mind.
There are no fewer than 256 companies (as of this writing) with reserved booths at Black Hat USA 2016 this year. As you plan your navigation of the hall to see that many vendors, keep in mind:
1. Who to visit
2. What to look for
3. What to say (or ask)
The best way to approach this is to start with the 2nd point first. Consider the following methods with which you can explore the hall:
- Mindlessly walk every aisle, randomly stopping at booths that catch your eye
- Start at the big booths and work your way out
- Start at the small booths and work your way in
- Randomly follow other attendees and hope they know what they’re doing
- Poke your head into the hall, immediately turn around, and head to the hotel lobby to carelessly use your debit card in the ATM
Each of these methods, in my opinion, leaves success to chance. Unless you like chance (you are in Vegas, after all), feel free to leverage the following tips and tricks I’ve put together to help Black Hat attendees make the most of their time on the Expo floor.
1) Leverage current and planned projects
If there’s a project on the books, I would encourage you to understand what’s required for it and identify those vendors who can help you meet your objectives. Visit the Business Hall portal to search for the companies you want to visit:
Note: I wish the full capabilities of this tool were enabled so we could search for the categories and capabilities offered by the vendors. For now, you’ll have to do a little recon before you visit this tool. Perhaps next year the info can be added so the planning can be performed more easily.
2) Figure out what new things you want to discover
Similar to the project suggestion, it’s always good to see what’s new in the market. While the “new stuff” is often presented by the start-up vendors – who typically take the smaller booths that surround the outer edge of the hall – there might be some established vendors with some cool new gear they’re slinging.
With this, my recommendation would be: once you’ve hit your targeted project-based list, walk the outer edge of the hall to see what’s going on and look for key words in the messaging that catch your eye. This will cover the new entrants in the market.
The best way to find out what cutting-edge technology (or perhaps swag) the established vendors are offering is to monitor their press releases surrounding the event. The team here @ ITSP has collected some of the press already, and we’ll continue to monitor and collect other news that we will then share with our audience. This, and other Black Hat coverage, can be found here: http://www.itsecurityplanet.com/black-hat-usa-2016-event-news-coverage
Note: If you are a vendor that has news to share, feel free to send it to us using this form: http://www.itsecurityplanet.com/submit-press-release
3) Ask around once you get there
One of the easiest ways to get pointed in the right direction towards what’s hot and what’s new is to ask other people what they’ve seen and which are their favorites. If you see something exciting, share it with your peers.
Of course, some of the latest wares will be on display in the Innovation City. Don’t miss the collection of what appears to be 37 innovative vendors. You can learn more by visiting: https://www.blackhat.com/us-16/event-sponsors.html#innovation-city
4) Follow @ITSPMagazine
I get it, it may be a little uncomfortable actually talking to someone. If that’s the case, you can send the team at IT Security Planet a message via Twitter and we will get the word out for you. Similarly, if you want to see the tips from others, follow the hashtag #ITSPtips.
5) Boycott booths with “booth babes”
Our team recently announced a partnership with Dr. Chenxi Wang and launched a new column here on IT Security Planet called Equal Respect. One goal with the column is to eliminate the use of unacceptable methods of marketing (aka “booth babes”) that go against the movement toward diversity in the cybersecurity industry. Given this, we would encourage you to steer clear of these booths to help us succeed with this essential movement for an important cause.
6) When you do stop at a booth, make sure you have the right conversation
If you’ve taken the time to plan out your route, I highly recommend that you plan out your conversation with the vendors you’ll meet.
If you’ve been to an event before, you know that the vendor will likely try to grab you and drag you to their booth so they can tell you all about the cool, new whiz-bang features their products and services have. That’s great – but just because they are cool, new, and whiz-bang doesn’t mean they matter to you, or to your projects.
If you’re serious about finding a solution to your cybersecurity problem, I recommend stopping them in their tracks and getting them to answer some very pointed questions (that you’ve prepared for them in advance, of course!). Take this opportunity to force them to put their money where their mouth is.
I was chatting with a friend and former colleague, John Dasher, about this and we brainstormed what some of those questions might look like – with the main goal being to cut through the vendors’ top-line messaging, which probably all sounds and reads the same when you visit each booth.
He went on to say, “Ask yourself the hard questions first: ‘why am I looking at this technology in the first place – what business problem am I looking to solve?’
Then, you can pose the resulting problem to the vendor for them to address.
“Remember, most vendors would much rather discuss your specific business or security problem than speak in hypotheticals,” Dasher added.
John and I came up with a few sample challenges you might be having and the related questions you might ask:
- “My HR department is trying to enable ‘X, Y, Z’ and I’m trying to find a way to make that happen for them. They have these operational limitations in place that I need to account for. How can your solution help me with this?”
- “Our board of directors is concerned with the latest ransomware threat that hit the news this week. Most companies here claim they can stop ransomware but oftentimes don’t actually solve the entire problem, only a piece of it. How and where does your solution fit in to the grand scheme of this ‘ransomware’ issue?”
- “Given the nature of our business, we know that we have risk related to internal threats and we understand that monitoring user behavior is one way to mitigate this risk. We’re not quite sure how the various data sources fit into the big picture. Which specific data sources are needed to address my specific problem, and how does your solution access them?”
- “We have our monitoring and alerting systems fine tuned to a point where they work fairly well. We now need a way to make our hunters more effective and efficient. What data, views, tools, and automation does your solution offer that will make things look significantly better tomorrow compared to how the team operates today?”
Go get ’em, tiger!
One final point: make the vendors work for their lead. Remember that they are there to help you find solutions to your information security (or, more importantly, security-enabled business process) problems.
While this is not an exhaustive list of tips – and certainly not a comprehensive list of questions to ask the vendors – hopefully it does give you some ideas as to how to make the most of your business hall time at Black Hat this year.