Search
Close this search box.

RSAC 2023 Recap

SIEM platform

After four jammed packed days in the Moscone Center in the heart of San Francisco, RSAC 2023 is in the books. By now, most attendees are probably back to their day jobs, keeping us protected from the bad guys. Before settling into my daily routine, I thought I’d share a few takeaways from this year’s conference.

We are Back

I am embarrassed to admit that I cannot remember how many RSACs I’ve attended in person, they all kind of run together over time, but if I had to guesstimate, I would say this was probably my 8th or 9th. At any rate, the moment I hit the expo floor on Tuesday morning and saw the crowds of attendees everywhere, it was clear that we were back, and the pandemic was definitely in our rearview mirror. Walking the floor, the energy coming from everyone was palpable. In short, after a couple of years of being sequestered, security practitioners were more than ready to mingle with their peers. While the size of the show, in my opinion, seemed back to pre-pandemic levels, more important was the number of quality discussions we had during the conference. Practitioner after practitioner who stopped by our booth or scheduled a meeting with our executive team sought new ways to solve their problems. This behavior signals that regardless of macroeconomic conditions, cybersecurity remains a priority for organizations.

 

Automatic for the People

No, R.E.M. wasn’t playing their classic album at the conference, but automation was top of mind for many vendors and attendees alike. Automation is one of those topics that surface in many different ways. For some vendors, their automation story came across in their (early) adoption of Generative AI (e.g., ChatGPT), claiming the ability to aid in threat hunting, investigations, and doing your taxes, you get the idea. Unfortunately, from my view, many of these vendors are “way over their skis” in their actual ability to deliver a product that includes generative AI. Still, their PowerPoint and videos sure looked slick. For others, like Stellar Cyber, automation comes from taking manual tasks across the investigation lifecycle and automating them. I had many conversations about the benefits of marrying intelligent automation with human expertise to drive down mean time to detection and response. Regardless of how vendors tell their automation story, the attendees and the market are thirsty for automation to help close their teams’ skills gaps.

 

Hey, wasn’t that called XDR last year

At RSAC 2022, you couldn’t walk two feet without seeing vendors advertising their new XDR products, regardless of whether they had actual XDR capabilities. Fast forward to last week. The frenzy around XDR was gone. Instead, many vendors that jumped on the XDR bandwagon in 2022 had pivoted to another buzzword attached to their product, even if it hadn’t changed. Sadly this flip-flopping is par for the course in our industry. That said, plenty of vendors were still promoting their XDR products when walking the floor. In addition, a few of the market stalwarts introduced new XDR solutions. While there is an ongoing debate on what XDR is, it is clear that many vendors are looking to meet the market need to deliver better detection and response capabilities across the broader attack surface beyond just the endpoint. You might remember that in my pre-conference blog, I predicted that “Open XDR” would be a hot topic at RSAC.
As a reminder, the “Open” before XDR means that organizations can ingest data from any data source. Unlike traditional or closed XDRs, which typically only deliver integrations within their product portfolio and force other vendors to develop integrations, a genuine Open XDR provider develops all the product integrations themselves. So, back to RSAC. I wouldn’t say that Open XDR was a front-and-center hot topic for the entire conference. Still, I can tell you from first-hand experience that they were very interested when we talked about the Stellar Cyber Open XDR platform and how an organization can make all their products work better together.

 

Next Stop – Vegas

As hard as it might be to believe, our industry’s next big conference, Black Hat, is less than three months away in Las Vegas. Watch this blog for more information about what we have cooking for that event.