Jul16
Obviously you are somewhat into blogs if you are reading this, so I have a question for you. Do you read vendor blogs? What I mean by vendor blogs is the security and networking product manufacturers out there that have blogs. Do you read them? And if you do, what is your general opinion of them? have you found them to be more self-leaning, or have you found them to be more straight-shooting?
Let me know if you have a second. Just curious.
Vet
How about this though – could you always say who is blogging on a vendor blog: CTO or CMO…?
Same question as #9 above
I agree with Andy. Worth a look but should be taken with a grain of salt!
OK Michael sounds good to me. I personally don’t get hung up on such stuff. I look in my RSS reader, is something looks good I read it. If it doesn’t I don’t. What can I say, I am a simple man
Alan,
Are you being defensive? I don’t remember mentioning your blog!
Honestly, I think your blog and Mitchell’s blog both have vendor leanings, but I have no problem with that. I talk about Accuvant on my blog. It is natural, and totally legit. That being said, I think yours has a lot of personal elements, as does Mitchell’s. You both say what you think and have great general security discussions.
The Cobia blog is obviously a vendor blog, but I have no problem with that either. You are presenting it as such. If you presented it as a regular security blog and then just talked about Cobia all day, then I would have a problem.
Michael
I must disclose that I am a contributor to our vendor blog. We have tried diligently to refrain from product-centric posts in general. Instead, we try to focus on providing opinions and content that revolve around the portions of the industry where our product can be of value.
That being said, I’d be curious to hear when it might be appropriate for a vendor to reference their product offerings?
Sure, the good ones. The Matasano blog is technically a vendor blog, for example. And, oh yeah, my own too.
michael- i think vendor blogs are the greatest thing since sliced bread
Seriously, do you think of my blog as a vendor blog? I try to keep it my own blog, though I obviously work for StillSecure. But compared to some of these other blogs mentioned, I think mine is much more personal. What do you think?
I agree with a lot of the stuff already posted thus far. Three blogs that have great technical information and not a lot of marketing are :
1. F-Secure’s weblog (www.f-secure.com/weblog)
2. WatchGuard’s weblog (http://www.watchguard.com/rss/list.aspx) – Not updated enough in my opinion
3. McAffe’s Avert Labs – (http://www.avertlabs.com/research/blog/)
I do sometimes read them. It all depends on the amount of vendor marketing I think I’m likely to encounter. I read the Tenable blog because I like to see examples of things that they do with Nessus and their other products. I read the Google security blog, since they’re a pretty important part of the online landscape. I also read the WebSense, F-Secure and Kaspersky blogs, since they usually have good technical content.
But of course, when I say that I “read” them, I just mean that the articles appear in my RSS aggregator page. Whether or not I actually look at the article is really on a case-by-case basis.
I read some vendor blogs but tend to de-list those that start moving away from security concepts and more towards “look how great my product is at doing ‘xyz’!”
I don’t read many vendor blogs. I’ve seen them fall into one of four categories.
1) Sales pitches. Sometimes thinly veiled, but often they have a pretty obvious self-serving agenda.
2) Temporary feel-good marketing schemes. These blogs or sites start out like someone’s good idea, but quickly fall into disrepair and lack of updates after a few scant months.
3) Product-related vendor blogs. These tend to be awesome if you use their product already (the tenable blog is the easiest example), but less useful if you don’t use it.
4) The ones you can’t tell are vendor blogs. Kudos to them for hiding it well enough, or having no agenda other than simply talking to the community or unloading their own knowledge.
Honestly, I typically tire of the first three pretty quickly, and that last one, well, I probably read one or two and don’t know it.
I do read a few vendor blogs…very few. I see most are an extension of their respective marketing departments. As such not frequently updated and when they are updated, they do end up somewhat self serving. I do find good tidbits of information in Ron Gula’s Tenable blog. Many of his posts are about new plugins for the commercial side of Nessus but he puts a lot of technical detail in the posts.
Yes, I read vendor blogs. Some are good. Some really suck. But occasionally I get a good tidbit. SInce it’s my job to stay connected, I need to read anything and everything. But most practioners should find a few information sources and use them. They don’t have a few hours a day to peruse all of the information out there.
I have a section ‘Vendor blogs’ in my RSS reader. Unfortunately, most vendor blogs are even less active than my own
The ones that I monitor are
Cisco MARS blog
Google online security blog
MSRC blog
Pandalabs blog
I do read a few but ONLY if they are not just sales tools. WatchGuard is a good example of a good vendor blog that actually gives you useful information that doesn’t spend all of their time trying to sell you their products. Another really good vendor blog is Eratta Security blog. I am not interested in reading a marketing blog from a vendor. If I want that info I will go straight to their site and look at whitepapers and brochures.