Regional security conferences

I spend an inordinate amount of time on the road speaking at regional security conferences. Today I am at The West Coast Security Forum conference in Vancouver. These events are great because they are networking events for the local IT security folks. While I enjoy the speaking part the most I also love checking out the vendors that have put up the cash to exhibit at the conference. There is an ebb and flow in every vendor's conference strategy. One year they will be at every event, the next year nothing. But the really educational part of seeing all these events is meeting the founders of new security startups.

This week I met Gary MacIsaac, President/CTO of a just born company called Cetacea. Great name if you are in to marine wildlife. Their twist is on more better IDS in that they use existing MIB traffic to monitor a network. They have a few simple algorithms figured out for what is "normal" and can alert you when something fishy is going on. They are still at that stage where they have not developed the pretty GUI that shows your network pulsing with attacks but I imagine that large data centers are going to be interested in this technique for monitoring huge amounts of data flow with no new overhead. What is really cool about their product is that it is delivered on the Gumstix device, which are the tiniest Linux computers ever.

There are dozens of new security companies that I encounter as I travel to these regional conferences (already booked for South Africa and Australia next year, heading to Hertfordshire next week). The beauty is that these are not your dotcom boom-bust types of developments. They will not end up on any list of 20 Worst VC Investments. These companies may just grow to small regional players, most likely they will be acquired, but either way innovation and progress are alive and well in IT Security