For a long time I have heard rumors that the companies in the wireless IDS/IPS space were having a tough time getting a lot of traction.  There were battles around who had what patent and so forth, lots of partnerships and OEMs, but at the end of the day I don't think it led to a lot of revenue.  Confirmation for me on this came last night at the SANS 2008 conference In Orlando.  The booth next to ours is AirTight Networks. 

Two StillSecure employees went to AirTight some time back and have since moved on from there.  However, I was very familiar with their positioning and products. So I was very surprised to see the tag line next to the AirTight logo saying, "The global leader in wireless vulnerability management".  OK, so they have moved from wireless IPS to wireless VM?  What could be next, wireless DLP?  A look at their web site shows that they have lost the wireless IPS entirely and are all about compliance these days.  I think becoming a compliance only solution is a mistake, but it really comes down to me thinking it is a technology in search of a solution.

Bigger picture, the question is, do we really need a wireless only security solution at all or should security cross over wireless and wired?  Also shouldn't wireless security be built into the wireless gear itself?  For that matter shouldn't security be built into all networking gear?  All good questions with obvious answers.  In the meantime I think we see another group of companies caught by Shimmy's theory of security industry relativity.