Nick Selby leads The 451 Group’s Enterprise Security Practice (ESP), which provides objective analysis of enterprise security businesses and trends. Nick also serves as The 451’s Director of Research Operations, leading the coordination of 451 analysts’ research methodologies and processes.
This blog reflects my personal opinions and views. In no way does it reflect the views, opinions or positions of The 451 Group.
Nick is on the faculty of the Institute for Applied Network Security, and he speaks regularly at industry events, such as the Security Standard, CSO Interchange, SANS WhatWorks and other conferences. Prior to joining The 451 Group in October, 2005, Nick worked as an IT security consultant to small and midsized firms subject to regulatory compliance and strict confidentiality.
Based in Eastern Europe and Europe from 1990 to 2004, Nick spent a decade covering various emerging technologies, including open source and wireless technologies, and software piracy. He was Editor at Large for Amsterdam-based Tornado Insider/Tornado Investor, and has reported on technology and tech-based financial news for the International Herald Tribune.
An instrument-rated pilot, Nick published an online pilot resource, Flyguides, from 2001-2005. Nick is also an avid Linux hacker and member of the Capital District Linux Users Group, and a PHP/MySQL enthusiast.
As head of The 451 Group’s security practice area, I engage regularly with vendors and the enterprise IT investment community, speak with vendors, and analyze business and technology in IT security. I use this blog to record several types of information I gather in this process, but most of all as a vehicle to freeze in time some of the best marketing blather and gobbledygook corpo-speak handed to me in lieu of English.
Most vendors explain clearly what they do. Some insist on speaking about something else, like the one which described its capabilities in the arena of, no foolin’, "Federated-related organizational to organizational business/web services interoperability".
Because 451 doesn’t do pay-for-play, its analysts can be entirely objective, which means among other things that we can say if something sucks, and we don’t use the word ‘solution’ unless we’re describing a mixture of more than one element into a homogeneous liquid or talking about the value of X (as in 2+X=5). Much of our day is therefore spent describing what the vendor would say about itself if only it spoke plainly.
At 451 I cover IT security subsectors including:
- anti-malware and messaging hygiene
- intrusion detection (IDS)
- intrusion prevention (IPS)
- enterprise security information management (ESIM), security information management (SEM) and log management
- anti-data leakage
- anti-money laundering (AML) and anti-fraud
- penetration testing and fuzzing
- network behavior anomaly detection (NBAD)
- network access control (NAC), posture checking, endpoint integrity and post-admission NAC
- storage security
- secure socket layer virtual private network (SSL-VPN)
- secure remote access, encryption and key management
- authentication and access management
- vulnerability assessment, network visualization, patch management
and various other areas of information technology security.