I must admit that as I was wandering aimlessly among acres of vendor booths things looked pretty much the same to me. I saw new faces, but few new product ideas. Everything these days is a "solution," but nobody wants to talk in pointed, concrete terms about the problem that's being solved. I decided to drag some long-time colleagues aside and get the inside scoop. My conclusion? Innovation is not quite dead, but it's hiding well.
Let's start with Winn "the sky is falling" Schwartau. His new company, The Security Awareness Company, is tailor-made for his personality and doing some very innovative things. It's absolutely worth checking out.
Then I button-holed Chris Brown at Technology Pathways (ProDiscover digital forensics and incident repose tools). His new ProScript is unique. Using a Perl API his team developed for ProDiscover, users can script a very broad collection of forensic and incident response functions into ProDiscover IR using Perl.
Next stop was Mitre's CVE booth. I've been a CVE fan for as long as it's been in existence. Their big news is OVAL (Open Vulnerability and Assessment Language). This is an extremely cool way to manage vulnerabilities and vulnerability assessments. Again, my team is working with this and merging it with ProDiscover IR using ProScript to do automated host-based vulnerability assessment as part of incident response.
Finally, I ended up talking to Billy Austin at Saint Corporation. This innovative little company has developed a very flexible vulnerability assessment/penetration tool that allows fully automated penetration (not just vulnerability) tests. In addition, there is a tool with the capability of building trojans, worms and other blended threats (a la the old virus creation lab) for testing just about any kind of environment with which one might be faced. This is an extremely powerful tool for testing application software and new network segments prior to going live, or responding to zero-day threats.
Innovation dead? I don't think so. But there is so much glitz and marketing noise from companies doing the same ol' that it is really hard to find. It you look -- I mean really look -- it's there. And that's really good news from the conference circuit.