Category: Alert Logic

An ongoing list of my blog posts at Alert Logic

An ongoing list of my blog posts at Alert Logic

In case you weren’t aware, I moved over to Alert Logic in May of 2017. I am in the technical product marketing group, which is essentially a job where I do various tasks that generally involve helping bring technical people and marketing people together (those two groups at infosec vendors often don’t speak each other’s language). It’s a fun gig so far with plenty of challenges.

One of the tasks that I have been assigned is writing informative articles on the Alert Logic blog (you can subscribe to the RSS feed also). Below is a list of the pieces I have written over there. Go check them out when you have a second. I’ll be updating this post as more go up there, and I’ll probably be including any other resources from other pars of the Alert Logic website that are technical in nature and generally relevant as a whole (i.e. not total vendor speak, which is not my job anyway). I’ll keep the most recent ones at the top for ease of finding the latest.

  • Posted on Sept 26, 2017 – Last tip of the 5 post series providing some tips on securing apps with SQL databases that are running on the cloud. This one is about intelligent and consistent log analysis.
  • Posted on Sept 20, 2017 – Part 4 of the 5 post series providing some tips on securing apps with SQL databases that are running on the cloud. This one is about basic cloud security blocking and tackling (identity and access management and patching).
  • Posted on Sept 19, 2017 – Part 3 of the 5 post series providing some tips on securing apps with SQL databases that are running on the cloud. This one is about the use of WAF and IDS in protecting your web applications.
  • Posted on Sept 15, 2017 – Part 2 of the 5 post series providing some tips on securing apps with SQL databases that are running on the cloud. This one is talking about static and dynamic testing (SAST and DAST) of applications.
  • Posted on Sept 12, 2017 – The first of a 5 part blog series providing some tips on securing apps with SQL databases that are running on the cloud. A lot of the tips apply whether or not you’re running your apps in the cloud, but we focus on cloud here, so there you go.
  • Posted on Sept 7, 2017 – An explanation of SQL Injection (SQLi). There are quite a few articles/posts out on the Web that explain this, but it is always good to have another take on it. And I give some pointers on how to fix SQLi, including code examples from Damn Vulnerable Web App. It’s another resource if you want to understand SQLi or need to give someone a pointer.
  • Posted on June 29, 2017 – Post about PetrWrap/NotPetya/GoldenEye/Whatever. This was my first post at Alert Logic. A lot of folks put some time into this one because of the fact checking that needed to happen about the outbreak. But it is a good breakdown.
My opinion of my first Gartner event in my 23+ year long career

My opinion of my first Gartner event in my 23+ year long career

I’m sitting here in the beautiful Gaylord National Resort and Convention Center in Washington D.C., nice and comfortable as I look out over the cool little “town” they built inside this gargantuan building. While I enjoy the artificial scenery, I am also thinking about the week I just spent at the Gartner Security and Risk Management Summit that was held here at the Gaylord (it’s wrapping up now). And frankly, it kinda surprises me to think that this was my first Gartner event. I have been in the IT and Security industry since 1994, and this is my first one. Maybe it’s because RSA, BlackHat, HouSecCon, DerbyCon, and BSides events have been my focus because most of my friends are there (and because I spend a lot of time organizing HouSecCon). Maybe I view those as more meaningful as far as security tech goes (RSA might not fit in that category for some). But I think it is more likely because, over the years, I have often joined with others in viewing the analyst business with disdain (I’ve expressed some negative views over my career). I have only recently (in comparison to the rest of my career) started working for vendors. So combining that with some of somewhat – but not overly – harsh opinions on analysts in the past, and I think it kinda makes sense why this is my first one.

Saying all of that, I’d like to list out some quick impressions:

1. I found it to be a generally good event. Very well organized. Some of the sessions had some great info, though the ones I saw were mostly on trends versus anything hard-hitting. That is the nature of the analyst business, so that is fine. As a vendor, the info can be very helpful.

2. Almost all the talks were succinct and not laced with “here are my credentials and why I am awesome”. Some might chalk that up to arrogance of analyst, but I found it refreshing in comparison to some of the talks I have attended in other conferences. Look, you’re up there talking. I will pretty much assume you’re knowledgable in your field. I will judge your talk almost completely on the content of the talk, not on how long you’ve been working or your certs.

3. Every talk I saw was well laid out and logical and ended with either time to spare or right on time. Gartner has trained their folks well.

4. You don’t go to these talks for entertainment. You go for information. I can enjoy a good talk where someone is keeping me laughing, but I value a talk that gives me the information I am looking for and gets it done.

5. The information was valuable. That doesn’t mean you take the analyst’s word as gospel. In fact, there were numerous points with which I disagreed. It does mean you use it as a data points to make a decision (which is what Gartner and other analyst firms are there for).

6. The 1-on-1 meetings I had with analysts were very helpful. This is the first time I have worked directly with analysts as a vendor representative, and I was impacted by the difference in those talks. But my main point is that the analysts were all very… human. They weren’t stodgy or impersonal. The talks were enjoyable and professional.

7. The 1-on-1s were kind of like speed-dating. I’ve heard numerous people make that comparison as I have started learning this new area, and it is very true. Get in there, see if you like, them, see if they like you, make a future appointment to meet again if the talk went well so you can get to know each other better, then go meet your next potential relationship.

8. Gartner analysts seem to fall into very well-defined lines as to what areas of the industry they cover. It’s seems to follow the OSI stack verbatim in many cases, and that makes sense for the sake of organization. The problem is that my new employer (Alert Logic) doesn’t fall neatly in those lines. So we often find ourselves talking to a bunch of different analysts to get full coverage. Not necessarily a bad thing, but it can men even MORE meetings than the typical vendor has to go through. It will be interesting to see that unfold in the next few months.

So, that’s it. If you’ve been in the industry a while and have done a bunch of Gartner/analyst events, this is all probably old hat for you. Hopefully others find it helpful when making decisions on whether to go or not (as a vendor or just an attendee).

Bitnami