Every few weeks a new security company is born. No matter what the brand or the segment, the data flow looks the same from on high: let's get smart people and write some smart software, suck in all kinds of telemetry and samples, and produce threat feeds and reputation feeds, and then... profit! This plan works more often than not, since the problem space and therefore the market continues to grow.
But why? Why if we're putting that many smart people to work on security, and writing all that smart software, and making all this money, does the problem space and therefore the market continue to grow? Are we doing this right — since everybody's making money? Or are we doing this wrong — and we're a bunch of corrupt dolts who aren't even recognizing the real problem or at least not trying very hard to solve it?
ISC's theory is that the nature of information sharing in the security industry is part of the problem. Having N security companies each have 1/Nth of the available telemetry and samples means that nobody has a chance of seeing everything — and mostly nobody sees anything. To that end we launched in 2008 the ISC Security Information Exchange (SIE), and today (2012) we're sharing about 500Mbit/sec of real time security telemetry.
Dr. Vixie will explain where we are with ISC SIE, how we got here, and where we're going. Of special interest is our first "vertical application", a high speed high quality Passive DNS database (ISC DNSDB), which Vixie will demo for the crowd in a couple of creepy ways. This presentation is mostly show and tell with a pitch to get people to contribute data, plus a pitch to join the Exchange and see the data, plus a pitch to anyone who might be able to use DNSDB in their work (free or cheap for dogooders, not free but reasonably priced for commercial use).
ABOUT PAUL VIXIE
Dr. Paul Vixie is Chairman and Founder of Internet Systems Consortium. He served as President of MAPS, PAIX and MIBH, as CTO of Abovenet/MFN, and on the board of several for-profit and non-profit companies. He has served on the ARIN Board of Trustees since 2005, where he served as Chairman in 2008 and 2009, and is a founding member of ICANN Root Server System Advisory Committee (RSSAC) and ICANN Security and Stability Advisory Committee (SSAC).
Vixie has been contributing to Internet protocols and UNIX systems as a protocol designer and software architect since 1980. He is considered the primary author and technical architect of BIND 8, and he hired many of the people who wrote BIND 9 and the people now working on BIND 10. He has authored or co-authored a dozen or so RFCs, mostly on DNS and related topics, and of Sendmail: Theory and Practice (Digital Press, 1994). He earned his Ph.D. from Keio University for work related to the Internet Domain Name System (DNS and DNSSEC).
Uploader: Hack In The Box Security Conference