RSA Conference 2019: All Data is Security Data

Last week, along with thousands of attendees from across the globe, Devo descended on San Francisco for the annual RSA Conference. Like you, we’re still recovering, but after reflecting on the conversations and sessions, we think it could be the best RSA Conference yet.

We always look forward to meeting users and potential users in person; first-hand conversations are the best way to understand how they are using technology to solve their data challenges, especially as security becomes more complex and challenging.

Over the course of the week, we were able to speak with a number of attendees, listen to other experts, and sit in on valuable sessions. Here are some of the main takeaways:

  1. Attendees expressed hesitation in putting security data in the cloud, which is understandable given constant news of breaches. On the other hand, cloud is the ideal platform to support the growing volume of security and business data hitting security analytics platforms. Therefore many prospects were interested in a hybrid or a multi-cloud approach to security data analytics by blending their own cloud service provider or a private cloud. For some, on-premises is still the best bet.
  2. Engagement and enthusiasm have increased tremendously, and DevSecOps is entering as a new avenue for developers and security analysts to get excited about implementing security practices into application lifecycles earlier and better.
  3. Data retention was top of mind for many attendees. Long-term data retention is just too costly in many of the available tools on the market due to the sheer size of the data being stored for longer than a few weeks at a time. However, sharing insight on data ingestion and indexing kept many of our booth visitors informed on the options for getting the most out of their data while keeping costs in check.
  4. The breadth of technologies available demonstrated the next-generation and new iterations of every security-related product you can think of. Users have an appetite for the next-gen version of core technologies like email security and SIEMs, but it was clear the spectrum of offerings could be overwhelming for some trying to maintain data security while adhering to budgets.
  5. The industry no longer relies only on automation to get things done. Instead, the smartest companies and individuals understand security analysts are best served by technology that augments their roles, not replacing or changing them.

From this I see three major trends shaping this dynamic industry:

  • Flexibility is critical. Customers are looking for security solutions that can fit into their existing architecture, which is most often hybrid.
  • SOCs are empowered to make analysts more effective. What does this mean? Traditional SIEMs, SOARs and UEBAs are undergoing a shift, and platforms like Devo are enabling analysts to treat all data as security data, making threat hunting and intelligence smoother and more automated, and helping them deliver on a variety of needs within their organizations.
  • The multitude of solutions available in the market today, and in attendance at RSAC, is broad and can be overwhelming. Some solutions fit into the email security umbrella, others into network firewalls, and still others into container security. What is often the best test of whether a security solution will suit needs is to look into your crystal ball and see that data is continuing to grow as attackers diversify their means of attack. Plan accordingly by choosing a solution that scales.

As we reflect on RSAC, we’re grateful to customers, partners, and attendees for stopping by the booth and engaging in conversation that will drive Devo and its solution features through the remainder of this year. If you would like to see a demo, or learn more about our security solution, please reach out.

Thank you, and we’ll see you next year!