RSAC SF 2023: Why Are XDR Vendor Pitches Garbage?

Yesterday I listened to Cisco try to argue that musicians can’t play music apart and have their sounds stitched back together.

This absolutely is untrue. Any musician using a time signature with beats per minute can lay a track down without hearing any other musician. Here’s a perfect example. If I record a percussion instrument, it’s not necessary to hear the other musicians. You’re probably thinking a drum beat, but a piano also is a percussion instrument. Go ahead, record your track in a soundproof studio and let someone mix it later with other instruments and vocals. It will be fine. Time after time.

Cringeworthy stuff.

Today Trellix gave a talk where they said if you’re a goalie and block 9 out of 10 shots, then you shoulder all the blame if your team loses 1 to nil.

Again, absolutely untrue. Blame also goes to those on your team who failed to score. In fact, and this is where I really had to laugh, Trellix closed their presentation by arguing you can’t win with defense alone. The speaker literally blamed offense after saying defense will take all the blame.

Offensive hacking out of a SOC run by robots. Wat.

I mean they literally destroyed their own presentation. They gave listeners a case for not sinking any more money into security response and instead floating offensive roles… a shift I have been talking about for at least ten years (yolo ArcSight) and definitely WOULD NOT trust a robot with.

To put it simply, the XDR pitch analysis is seriously lacking. There’s no way that trust should go to companies that fail to articulate an understanding of the problems. The music and the sports analogies are flat wrong.

I don’t know if it’s just XDR that is causing these presentations to fall on their faces, but these XDR vendors definitely aren’t making sense.
