Tag: Content

  • Security Products, Rules, and Complexity

    Security Products, Rules, and Complexity

    Security products need to detect known knowns, so they build up a corpus of rule content. This corpus grows faster than it shrinks, if it’s maintained at all: new known bad is found at a rapid clip, while software is retired from use very slowly. There are two constraints on security products’ ability to use […]

  • Engines and Fuel part two

    Engines and Fuel part two

    Part One Why don’t software vendor companies make content? The best answer is that they have decided not to invest (or similarly, have not decided to invest yet). Companies are often aware of the gaps their customers complain about, and yet choose to prioritize other things. A less good answer: they are not hiring the […]

  • Do I have a product here?

    Do I have a product here?

    Sometimes I chat with people who are interested in starting a side business, or even leaving their $dayjob. That can be a really rewarding option if you’ve got the opportunity. Of course, there’s nothing wrong with not doing it! Some people simply don’t want to run a small business along with doing the value-adding work […]

  • Know everything, then automate!

    Know everything, then automate!

    The concept of virtual patching has set me off on a small rant. If you’re not familiar, the concept is something like this: vulnerability scanners determine that PC42 in the CritStuff system has a nasty problem, but you can’t patch it for reasons. So instead, software magically figures out that exploiting this vulnerability requires access […]

  • Platform and Partners, Round Two

    Platform and Partners, Round Two

    After reviewing this post on platforms and partnerships, there’s more to dig into. By definition, you can’t cross the Bill Gates line by yourself, but who should you be seeking partnership with? Developers who consult or consultants who develop? What tools should you build for them? At the end of that article, I felt that […]

  • Why is open source content rare?

    Why is open source content rare?

    Open source community incentives are biased to prefer developers over content creators. Open source communities are particularly prone to this failure mode. After all, the developers in the community are all doing their work for valid reasons, so why wouldn’t content creators join them? Hot take: the incentives are different. Open source development is a resume-building value […]

  • Moving the transformation point of data

    Moving the transformation point of data

    There’s a pattern that has become common knowledge, perhaps on its way to received wisdom. Endpoints pass their raw data off to storage as quickly as possible. Analysts then do their work against that storage using map reduced processors, automated and/or ad hoc. This pattern has many benefits and is correct for many use cases. […]

  • DURSLEy and CAPS

    DURSLEy and CAPS

    Monitoring and metrics! Theoretically any system that a human cares about could be monitored with these three patterns: I’m hardly the first to notice there’s overlap… here’s a good starting point to read from. I haven’t seen these compressed to a single metric set yet, probably from not looking hard enough. Or because “DURSLEy” is too […]

  • Phases of Data Modeling

    Phases of Data Modeling

    Say that you want to use some data to answer a question. You’ve got a firewall, it’s emitting logs, and you make a dashboard in your logging tool to show its status. Maybe even alert when something bad happens. You’ve worked with this firewall tech for a few years and you’re pretty familiar with it. […]

  • Engines and fuel – who writes quality content?

    Engines and fuel – who writes quality content?

    In software, everyone wants to build engines, and no one wants to make fuel. A platform for executing content has high potential leverage and lots of vendors make those. The expected community of fuel makers rarely materializes. Content for software engines breaks down along two axes: simplicity versus complexity and generality versus specificity to the […]