Predictions and Pointers for Maximizing RSAC 2018 Next Week


Publish Date

Apr 9, 2018

Written by

ZN Logo for Blog


Tagged with

  • RSA Conference 2018
  • RSAC 2018

As security vendors and professionals from across the globe gear up for attending next week’s RSA 2018 security conference, we wanted to give our perspective on what everyone should expect and how to get the most out of the conference.

The 2017 conference set a record with over 43,000 attendees, and we would expect that we could see close to 50,000 this year’s RSAC as security remains an important topic to every digital business.

Every year there are a few common themes from multiple vendors and the top marketing terms that we predict we will see include the following:

  • AI/ML – First, please don’t conflate the two terms. Machine Learning is a simple way of achieving Artificial Intelligence. Building proper ML models to power AI solutions typically requires a fair amount of data to ‘train’ the model. Make sure that the vendors who are touting these solutions can articulate how their offering truly delivers those capabilities.
  • Blockchain – Often confused with Bitcoin, or at least tightly coupled with it, blockchain technology is a decentralized, distributed ledger that records transactions using cryptography in an chronological, immutable manner. It is still early days for leveraging blockchain, especially in high-transaction environments, so once again, make sure that the vendor can speak to these potential issues.
  • IoT Security – Our hope is that we see much stronger regulations around IoT security, or lack thereof, very soon now. There should be ramifications for shipping any Internet-connected device with default credentials such as ‘admin:admin’ and vendors need to also start implementing strong Authorization (in addition to Authentication).
  • GRC – There needs to be new ways of addressing Governance, Risk and Compliance. Risk, which has typically been viewed as static, is truly elastic in today’s high-velocity Cloud and Mobile world. Traditional approaches won’t be, and haven’t been, effective so hopefully we’ll see innovative platforms instead of ‘next-gen’ products.
  • DevSecOps – This term has certainly seen a significant uptick in Marketing approaches, and we at ZeroNorth have been huge proponents of it since Day 1. The key thing to remember is that it’s a cultural approach where security teams are a collaborative part of the software development life cycle. There is no magic product that can ‘Do DevSecOps’.

We hope that everyone enjoys your time at RSA and comes away with actionable approaches and solutions to start moving the security needle in a positive direction. Our CEO Ernesto DiGiambattista and the rest of the team be there, and we’d love to connect.

eBooks & Research Reports

Research Report: The Journey to True DevSecOps

Many questions emerge as the topic of DevSecOps is volleyed about. First, confusion exists in terms of understanding what it actually means to get to true ...

Read Now


Application Security: Bridging the Gap Between DevOps and Security Teams

When AppSec and DevOps teams aren’t aligned on how to deliver secure software, fast, organizations are at risk. This video discusses how to tackle this challenge ...

Watch Now

Related Articles


When DevOps as a Service Meets Security

By Joanne Godfrey Jul 20, 2021

DevOps is one of the latest IT methodologies to be offered ‘as a Service’. With DevOps as a Service (DaaS), all tasks related to selecting, managing ...

Read More

Vulnerability Correlation

What is Application Vulnerability Correlation and Why Does it Matter?

By ZeroNorth May 28, 2021

As applications become more complex, and attack vectors grow more sophisticated, the critical importance of comprehensive software security testing emerges. These days, application testing has become ...

Read More

The ZeroNorth DevSecOps platform offers options for your DevSecOps journey—getting started with AppSec, finding enterprise visibility or fully integrating security into DevOps.