Security experts gather for CSI Conference

With memories of August's worm outbreaks and recent spam attacks fresh in their minds, computer security experts will gather in Washington, D.C. this week for the annual Computer Security Institute (CSI) Conference and Exhibition. 

Discussions on network attacks are expected to be popular topics at the conference, as are announcements from a number of companies about technology that can automate attack detection and response, according to show organizers.

More than 175 security technology vendors and between 2,000 and 2,500 attendees are expected at this year's show, according to Chris Keating, director of CSI. Those numbers are below the pre-September 11, 2001 peak, but up markedly from the previous two years, he said.

Judging from preregistration figures for the Conference's technical sessions, interest in network attacks is high, with many sessions in the "Attacks and Countermeasures" track fully booked, Keating said. A new Advanced Technology discussion track is geared towards the increasing number of attendees with more technical backgrounds. Sessions in that track will dig into issues surrounding secure coding practices, Linux and PKI (Public Key Infrastructure), Keating said.

Technology companies are also using the CSI Conference as a venue to unveil new products and product upgrades, with a focus on automated detection of security threats and enforcement of security policies.

IBM Corp. will launch a new version of Tivoli Risk Manager, its security incident tracking product, at the show. IBM has integrated Tivoli Risk Manager 4.2 more tightly with Tivoli Configuration Manager, enabling Risk Manager to consult Configuration Manager's inventory to determine whether the systems it manages are adequately patched or vulnerable to attack, IBM said.

The new version of Risk Manager also comes with features that enable administrators to create customized and automated response to security incidents. Administrators will be able to use a new Web browser-based tool and a template for specifying actions in response to security events, IBM said.

Meanwhile, High Tower Software Inc. will use CSI to preview the second generation of its TowerView Security enterprise security management product. TowerView is a security event management tool that collects and correlates data from network security devices then displays those results so that network administrators can spot anomalous behavior, according to Dr. Ursula Schwuttke, vice chairman at High Tower.

For its latest release, the Aliso Viejo, California, company moved the TowerView software to 1U rack mounted hardware appliances that ship with a hardened Linux operating system, the company said. The TowerView 1000 appliance sells for around $48,000 and can manage around 30 network security devices. The 2000 appliance sells for around $90,000 and can manage between 30 and 90 devices, High Tower said.

Computer Associates International Inc. (CA) will also be at the show to unveil the first component of its eTrust Identity and Access Management Suite, a new version of eTrust Admin, according to Bilhar Mann, vice president of product management at CA. The new version of eTrust Admin features an updated user interface and more features to help customers tie user provisioning features to other business processes, Mann said.