<Fade IN:>

A few weeks back, I was sitting in my office in the middle of a meeting with one of my Directors and my phone rings. It came through as one of our trunk lines, so I knew it was a transfer form the receptionist, I was in a good mood, so I answered it. Low and behold it was my first call from a Rapid7 Sales representative (First that I actually answered that is). Knowing that Rapid7 recently acquired Metasploit, I gave the gentleman a listen. He talked up the RSA party, HD Moore, and the products that Rapid7 is currently marketing compared to some of the competitors. All in all, it was a perfectly fine conversation and I did walk away with some value add. My only critique was that it was pretty long, and I’m pretty busy to spend that much time talking about a product that we aren’t yet seeking a new vendor for.

<Announcers Voice:> Later the same day

I receive another call from a Rapid7 sales representative who had no idea that I had just spoken with a gentleman earlier! I might have been a little curt on the phone, but please refer back to the fact that I am actually extremely busy, and had already invested 40 minutes on the phone with the previous representative.

Later the same day I asked my twitterverse for information about Rapid7 products, because I trust my colleagues who have used them more then I could EVER trust a demo. Thanks to the great social community of Security Twits I gathered a great deal of information. Additionally, I learned from someone close to internal Rapid7 that Rapid7 follows all the Rapid7 mentions on twitter... what fun would a day be without throwing a #Rapid7 after some tweets?

<evil-grin>

In all seriousness, Rapid7 is doing some very positive things for the industry in regards to sponsorship of the SecurityTwits event at SourceBoston, employing some AMAZING researchers, and advancing the MetaSploit project with commercial funding!

Rapid7, please work on a sales team lesson in positive versus negative social media networking. Here are my examples of Rapid7 Negative Social Media Marketing:

LinkedIN

• Requests to professionals who they have never met or never worked with:

TwitterNames Ommited: “ Anybody know what’s the bright idea with Rapid7‘s sales team suddenly trying to join people’s networks on linkedin??”

“ Ok @Rapid7, your salespeople’s newfound relentless addition of my linkedin have grown irritating & bothersome. Please DIAF.<- Ah :”

• The February 16th slew of LinkedIN Spam from “Business Developers” that most of my colleagues received. Not cool!

Twitter:

• Rapid7 twitter feed is just a Press Release reel, there is no interaction with the community, same can be said for the Facebook page!

Notable mention:

Having the “JR” account reps monitor twitter for Rapid7 mentions — Boiler Room meets Rapid7!

+

The RSA Party!

I’m sure everyone is thrilled that Rapid7 is hosting a party at RSA. But again, this is another marketing fail. They might not want to use the acronym “VIP” as it generally doesn’t mean invite everyone in the world, post it on twitter, then brag about having 1,000+ people at the party.

In case you didn’t RSVP… you can do so here http://www.rapid7.com/forms/rsarsvp.jsp

Come on Rapid7, you can do better then this!

I’m sure you are a great organization, it sure looks as if your employees have fun working there, but I have to say that Rapid7 Sales and Marketing gets the *first ever* Official SecBarbie FAILBarbie award of the month for doing bad all by themselves!

If you have been living under a rock somewhere and somehow haven’t heard about this revolution known as SecurityBsides, well, perk up folks! With SecurityBSides San Francisco being the second large-scale un-conferences that compliments a large corporate conference, the proposed talks are already shaping up to be something so very special to our industry! This is an un-conference that is completely powered by the people, so if you haven’t yet voted for the talks that you would like to hear, do it or don’t complain!

Here is my short-list of talks that I think are going to be wonderful

*Some are not yet picked to present, so if you agree, vote often!

The Great Compliance Debate: No Child Left Behind or The Polio Vaccine

Panel Discussion: Joshua Corman , Jack Daniel (@jack_daniel) , Anton Chuvakin (@anton_chuvakin) , Andy Ellis (@CSOAndy), a surprise guest

How to Design and Develop Your Own Security Event

Stacy Thayer, Ph.D. @stacythayer

My Life on the Infosec D-List

Andrew Hay

Hacking the Sales Cycle

Gal Shpantzer

Being Inbred Isn’t Just a Problem for Hillbillies.  Groupthink and the InfoSec Industry

Vikram Phatak

Risk Management – Time to blow it up and start over?

Alex Hutton

What kind of self-serving person would I be if I didn’t put a shameless plug in for the Gender Panel: Unicorns, Clubhouses, and Ruffled Feathers: Women in Security:

Rounding out the panelist this year will be:

Jennifer Jabbusch – CISO of Carolina Advanced Digital, Inc.

Andrew Hay – 2008 “Security Thought Leader” award winner by SANS Institute / Security Blogger / InfoSec Professional

Lisa Lorenzin – Crazy smart solutions architect for an organization that I’m not sure if she’s listing (you have google, figure it out yourself)

Gurdeep Kaur – Author of controversial SANS Reading Room Paper “Women in IT Security Project Management”

Michelle Klinger – Full time QSA, defender of all things saucy and womanly.

To quote the weather channel

“The storm may reach the top 3 of all-time in the Washington, D.C., area and may rival the record of 28″ from the

“Knickerbocker” storm of 1922.”

I am taking a little break in the festivities to let you all know that it has officially snowed pretty hard at ShmooCon VI. My flight has been canceled for Sunday, so with any luck at all I will be arriving back in Chicago (aka, the land that can handle 6″< of snow) sometime early next week.
With that, I have to say that the spirits of all the con goers is absolutely amazing! Trash-bag sleds are being used as well as certain individuals who have snowboards and snowshoes. The content of the event has started out with a bang, and the actual tracks tomorrow look exceptionally promising!

Thank you to @quine ‘s employer for hosting the Securitytwits meet-up this afternoon, it was VERY enjoyable! Syngress held a very nice happy-hour meet-up, and the DC949 party was absolutely killer! Festivities are still commencing as I type, but sometimes one must just call it an evening!