A few months back Chris Hoff – then Chief Security Architect at Unisys challenged Simon Crosby – CTO at Citrix Systems to a sumo match. My oh my that would have been fun to watch, but alas it never came to fruition. I figured the next best thing would be to attend the Virtualization Security panel where the two of them could duel it out. On the panel with them were Michael Berman – CTO at Catbird and Steve Herrod – CTO and VP of R&D at VMWare, the moderator was Andreas Antonopoulos – Sr. Vice President at Nemertes Research. A good lineup for sure but would it live up to the hype?
It was very good, but it could have been even better. Andreas did an excellent job keeping everyone in line so props to him for that. Hoff was his usual self – poking, prodding and making his points as only he can. Crosby was trying hard to push buttons and seemed to succeed but there were points he tried to make without any legit information. Berman was very quiet and looked like he just wanted to stay out of the fray, probably a good choice. Herrod had many opportunities to bitch slap Crosby and in turn Citrix but unfortunately he didn’t. It was as if VMWare had put a gag order on him and gave him a script with a few phrases he was able to use. If Herrod had been more open and direct this panel would have been UNBELIEVABLE!
Crosby is fun to listen to but sometimes taking him seriously is difficult. For those who don’t know, he is of the belief that a virtualization platform company should secure the hypervisor but the remaining security in the virtual environment is someone else’s problem. His justification for this statement is that they are not security companies and should leave that to the professionals. He bashed VMSafe calling it weak, without ever seeing it mind you. He actually called Herrod incompetent at implementing security and when Hoff spoke up mentioning that Steve is not actually implementing the security Crosby then said that all of VMWare is incompetent. If he was on the street pitching this shit I would give him a few bucks thinking this poor crazy homeless guy needs something to eat before losing his mind. If the CTO gig doesn’t pan out for him at least he has a fall back. Seriously though, he is obviously a smart guy but seemed to just be tossing out the most absurd statements to get Herrod fired up hoping he would snap.
Herrod didn’t appear to be fired up but he should have been. I wanted to hear the VMWare representative flex some muscle and teach Crosby a thing or two about why it is important for VMWare to roll security into the product. There are so many examples he could have thrown out to prove his point, but he didn’t. Instead VMWare got slapped around without any real defensive action, or worse, without any offensive action. Luckily for Herrod and VMWare, The Hoff was on the panel. Hoff had no problem calling Crosby out on his outlandish remarks and mostly played the role Herrod should have. When he gets on a roll it is fun to watch, and he was rolling. VMWare should pay him some serious cash for protecting them against the bully. 
Look, I don’t care that VMWare is not a security company. I don’t care that their expertise isn’t on all things security. As far as I am concerned they are taking steps toward helping their customers implement more secure virtualized environments than they have today and that is the right thing to do. They will not get it 100% right out of the box, but something is better than nothing.
–DanO
Filed under: Conference, Security, virtualization, vmware | 2 Comments
Tags: Berman, Crosby, Herrod, Hoff, hypervisor, RSA, sumo match, Virtualization Security
Had a really good conversation with a group of guys this past week at RSA about some new technologies that are going to change, or try to change, different aspects of technology and specifically technology as we know it today. I had a bunch of examples of things I’ve seen or people I have spoken with which stirred up a lot of conversation. At the end I was asked why I don’t blog about all this cool new stuff hopefully coming down the pipeline.
The truth is I would love to but I also don’t want to get fired. Working for an organization that invests in technology companies means I have to be careful about what I write about. We have some cool portfolio companies, a few that are in stealth mode right now. Writing about what they are doing and how would certainly increase my readership but at the expense of potentially saying something that needs to stay private. This would not be good. While I love blogging and sharing cool stuff with you guys, I love being able to pay my mortgage even more.
Another thing I would love to write about are start-ups that are doing something cool and are looking for funding. This isn’t going happen much either because more than likely I am going to get them talking with our investment guys about a potential partnership. I obviously don’t want to write about a company we are trying to fund and as a result drum up competition from a Venture firm.
So, that is why I don’t write about most of the new and cool stuff I see and work with. Trust me, I would like to and it would mean more blogging for sure but I don’t think it would be a good move. On that note, I love when friends or readers contact me with companies to look at, so keep them coming. At least you know I won’t write about it.
–DanO
Filed under: Investments, Lesson Learned, Startups | 1 Comment
Tags: cool startup, emerging technology, new
RSA 2009 – It was a long week
As many of you are aware, I spent last week in San Francisco attending the RSA Conference. My blog qualifies for press creds which makes whether or not to attend a no brainer. I am planning to break down bits and pieces of the conference over the next few days of blogging but here are some quick observations.
Attendance was down this year from previous. Due to the economy this shouldn’t have been much of a surprise to anyone. I don’t have any hard numbers but one RSA staffer mentioned 12k attendees this year compared to 17k last year.
Being as how I was there with press creds I felt obligated to talk with LOTS of vendors, afterall without them spending tons of cash for booths, parties, and advertising we wouldn’t be having this conference. The vibe from vendors I spoke with was mixed. On one side of the spectrum they were complaining about lower traffic and lack of interest from attendees but on the other side of the spectrum some vendors were claiming this to be the most successful conference they have ever been to (some citing deals being inked on the show floor).
I registered as Press but listed my employer on the badge. This caused much confusion on behalf of the vendors. When I asked a question they seemed conflicted with how to answer me, wanting to know if I am asking as a member of the press, an investor, or a potential client. This should not be a major concern to a vendor when you are asked to give me your elevator pitch. Next year I plan to keep it press oriented only.
The sessions I attended were good and were worth my time. I wish there were sessions going on during keynotes so that you had a choice. With that said I realize the vendors giving keynotes are paying mucho dollars to on stage and as a result the conference organizers want to make sure people attend. And whats up with the Expo floor not opening until 11am….come on!
As with any conference some of the most interesting knowledge is picked up outside of the conference walls. I was fortunate to meet up with some great people this trip for meals, drinks, parties, briefings, and even elevator rides. I have lots to follow up on with these folks and some great ideas.
Last but not least I am glad to be home. Echoed by many: It was a long week.
–DanO
Filed under: Conference, Security | Leave a Comment
Tags: attendance, expo, observations, parties, RSA Conference, sessions, vendors
Wednesday Night Fun — April 15th
If you have nothing to do on Wednesday night then I have two good options for you.
The MIT Enterprise Forum is hosting a cloud computing event. It looks like it will be an interesting event, and for $30 you can’t go wrong.
If the cloud isn’t your thing or you just can scrounge up $30 there is always BeanSec! Always a great time with great people.
I’ll be at the MIT event and if time allows will try to make an appearance at BeanSec!, hope to see you at one or the other.
–DanO
Filed under: Security | Leave a Comment
