5:45 PM -- HD Moore's already there. RSnake (a.k.a. Robert Hansen) just moved there, and now Microsoft senior security program manager Michael Howard is leaving Redmond for Austin, Texas, at the end of June. (See Microsoft's Happy Bugfinder.)
Cisco and IBM already call Austin their security homes, and 3Com/TippingPoint, AMD, and Motorola, are also in town. Moore, who's lived in Austin for about 13 years, says it's the tech center of Texas for startups and security companies, including BreakingPoint Systems, where he works as director of security research. (See Startup Launches Breakout Testing Tool and 10 Hot Security Startups.)
As the Silicon Valley of security, Austin's hip, it's techie, and it's becoming a magnet for the researcher crowd. The state capital is, of course, a big-time college town that houses the Longhorns of the University of Texas (besides football, also known for engineering and security), as well as several other colleges. And there's affordable real estate compared to the much pricier Silicon Valley. Austin is also well-known for its late-night and 24-hour coffee shops that also serve alcohol and offer free WiFi, such as Spiderhouse and Genuine Joe's, which attract hackers galore (including Moore).
Silicon Valley started with chips, and Austin, with intrusion detection systems. (Note: Austin is also home to Dell, of course, but this is a look at security history.) Austin's security culture dates back to the '90s, with research by the Air Force Information Warfare Center in San Antonio that eventually led to modern-day IDS technology. "In the 1990s, they spawned much of the IDS technologies. Some/most of the guys went to work in Austin, and others went to the giant Ernst & Young security team in Austin," says Ralph Logan, principal with The Logan Group and vice president of the Honeynet Project, and a native Texan.
IDS nostalgia obviously wasn't what drew famed hacker RSnake there to start up his new consulting firm SecTheory, nor Microsoft's Howard, who had been looking to move closer to family in Texas. And heck, Moore has already shown how to bypass IDSes -- several times. (See RSnake, Unmasked.)
Austin's Next Big Thing definitely won't be just one big thing. With hackers like Moore and RSnake in town, and Howard incubating Microsoft's Security Development Lifecycle best-practices for its partners with the possibility of even offering SDL-type services, Austin will be home base for an intriguing mix of security hacks and patches.
Hook 'em, horns!
Kelly Jackson Higgins, Senior Editor, Dark Reading