INVEA-TECH / Cognitive Security Spams

This is taken verbatim from with permission from Richard Forno.

How Not To Market Security Products & Services

Richard Forno

First published on 2010-03-28.

(c) 2010 by author. Permission granted to reproduce with appropriate credit.

Rant time!

On 21 March 2010 I received a note from an unheard-of security vendor in Europe hawking its products. Their unsolicited marketing material ("spam") sent to my personal address, contained nearly 8MB of attached files. I responded politely saying that I would not read their stuff because of how big their *unsolicited* material ("spam") was.

On 28 March 2010 I received an identical message from the same company (shown below). This time, it was sent to my work address and contained another 8MB of attached and unsolicited PDF spamvertising. (Screenshot)

Now, a 1MB file, I could understand. Maybe. But 8MB? And unsolicited? This firm does not know how to conduct serious marketing campaigns. Nor do they have any clue about e-mail courtesy, for no marketing person in his or her right mind would fire out marketing materials with 10MB worth of unsolicited attachments...and then expect a positive response! Once can be seen as a mistake; twice is intentional.

It's also interesting to note they are including a presentation by Marcus Ranum in their spamvertising. One wonders if Marcus knows about this? Has he approved the use of his presentation in their spamvertising? I shall drop him a note and find out. (Woe unto them if they haven't asked him, believe you me....)

Thus, I am reporting to my professional associates, and also to my readers/fans/groupies that INVEA-TECH and Cognitive Security (or their representatives) are conducting questionable marketing activities as an Internet security company. Their marketing techniques do not speak well for their competence or professionalism in this section of the technology marketplace. As such, I do not recommend their products or services and encourage others to avoid them as well.

Clearly, this security firm wants publicity. Ergo, I am offering them a few moments of my time and some free publicity by mentioning them in this message.

I still have yet to read their stuff, by the way - but based on the firm's first impression in how they apparently conduct business, I am not interested in *anything* they have to sell me, regardless if their stuff 'works' or not.

Can you feel the love, Guillaume?

From: Guillaume FORTAINE (
Date: March 29, 2010 7:06:33 AM EDT
To: rick[at]work-domain
Subject: [Rick Work] - Automatic Early Warning System : Runtime Monitoring and 
         Dynamic Reconfiguration for Intrusion Detection Systems
received: from ( []) by [rick work]
          (8.14.4/8.13.6) with ESMTP id o2TB6ulB027481 for
          (rick[at]work domain); Mon, 29 Mar 2010 07:06:57 -0400 (EDT) (envelope-from
received: by bwz7 with SMTP id 7so6155660bwz.4 for (rick[at]work domain); Mon, 29 Mar 2010 04:06:50 -0700 (PDT)
received: by with HTTP; Mon, 29 Mar 2010 04:06:33 -0700 (PDT)
received: by with SMTP id 25mr1474974bkx.135.1269860808228; Mon, 29 Mar 2010 04:06:48 -0700 (PDT)
mime-version: 1.0
x-originating-ip: []

Dear Mister Forno,

Let me introduce myself : Guillaume FORTAINE, Engineer in Computer Science. Me and 
my partners, INVEA-TECH (please see the attached file invea.pdf) [0] and Cognitive 
Security (please see the attached file cs.pdf) [1], are currently working on High-Speed 
Network Security Solutions.

That's why we would greatly appreciate to invite you to a further reading about our 
methodology in a CSIRT context (please see the attached file flows_at_mu.pdf) and our 
technology (please see the attached file paper4.pdf).

For a demo :

http:[ REMOVED ]

By the way, we would greatly appreciate to invite you to a further reading of the 
presentations of this conference entitled "European Workshop on Internet Early Warning 
and Network Intelligence" [2] and especially the attached file (07_doerges.pdf) to 
understand the role of an Early Warning System thus having a better overview of 
CognitiveOne, that is an Automatic Early Warning System (or 3rd Gen IDS, please see 
the attached file marcus_ranum.pdf).

There is a strong interest from Security Professionals in this technology. To quote [3] :

"Materials, Internet Early Warning and Network Intelligence, EWNI 2010

EWNI 2010 was held in Hamburg, Germany, few weeks ago. This kind of focused events 
are worth attending, I was there in -15 degrees, anyway check the slides here."

We look forward to your answer,

Best Regards,

Guillaume FORTAINE
Tel : +33(0)631092519
Mail :
Google Wave :

[0] http:[ REMOVED ]
[1] http:[ REMOVED ]
[2] http:[ REMOVED ]
[3] http:[ REMOVED ]

main page ATTRITION feedback