Hundreds of companies and organizations showcased their cybersecurity products and services this week at the 2023 edition of the Black Hat conference in Las Vegas.
To help cut through the clutter, the SecurityWeek team is publishing a digest summarizing some of the announcements made by vendors at Black Hat USA 2023, including new products and services, updates to existing offerings, reports, and other initiatives.
MELEE, a tool designed to detect ransomware infections in MySQL instances, was released at Black Hat Arsenal. The tool allows researchers, penetration testers, and threat intelligence experts to detect compromised MySQL instances running malicious code. It can also be used to conduct research into malware targeting cloud databases. The tool was developed by Aditya K Sood, Sr. Director of Threat Research and Security Strategy, Office of the CTO, F5.
Email security firm Abnormal Security has launched CheckGPT, a new tool designed to detect AI-generated email attacks. CheckGPT determines the likelihood of a BEC or other social engineering attack being created using generative AI.
Adaptive Shield has launched Identity Threat Detection and Response (ITDR) capabilities to help organizations mitigate identity-related threats. The capabilities can be paired with the company’s SaaS Security Posture Management (SSPM) solution.
Data security firm BigID has announced a data risk assessment reporting capability that allows organizations to streamline data security posture reporting.
Application security posture management (ASPM) firm Bionic has launched a new ServiceNow Service Graph Connector that provides security teams with a real-time configuration management database (CMDB) of their cloud applications, microservices, and dependencies in production. It also unveiled Bionic Events, a feature that correlates application changes to overall security risk.
Forensics and incident response platform Cado Security has unveiled new capabilities of its open-source volatile artifact collection (VARC) tool. The latest features enable proactive scanning for malicious activity powered by YARA rules.
Insider risk management firm Code42 has improved its Incydr data protection solution to identify source code origin and destination in an effort to detect and prevent exfiltration. Code42 also announced integration with no-code automation platform Tines.
Cycode presented new capabilities of its Application Security Posture Management (ASPM) platform at the Black Hat conference. These include hardcoded secrets detection in cloud-based workplaces, a collaboration with Azure DevOps pipelines to ensure supply chain integrity, and a new IDE plug-in for VS Code integration.
Threat intelligence firm Cybersixgill has announced enhancements to its IQ generative AI solution, including a new capability of factoring attack surface context to deliver insights specific to each customer, new custom report-building capabilities, and a new module for uncovering compromised credentials.
Cymulate announced that its exposure management and security validation platform now includes new and expanded cloud-focused attack simulation templates and resources to cover all major public cloud providers.
CrowdStrike has announced a new Counter Adversary Operations offering, which brings together Falcon Intelligence, Falcon OverWatch managed threat hunting teams, and telemetry events from the Falcon platform to detect, disrupt and stop adversaries. The first Counter Adversary Operations offering is Identity Threat Hunting.
MDR firm Critical Start has introduced Managed Cyber Risk Reduction (MCRR), an evolution of MDR that provides a comprehensive managed solution to address risks, vulnerabilities, and threats.
MDR firm eSentire has enhanced its SMB-focused XDR platform with a new MDR Agent, which provides full-scale threat prevention, detection, response and investigation capabilities.
IBM and Cloudflare announced Cloudflare Bot Management on IBM Cloud Internet Services. The new offering enables users to better manage bots by applying multiple detection methods. The Bot Management feature is available now for IBM CIS clients using the CIS Enterprise Premier plans.
Cloud email security firm Ironscales has launched the beta version of a GPT-powered phishing simulation testing capability, as well as a new accidental data exposure capability, which alerts employees when they send potentially sensitive information.
Microsoft has announced Microsoft Defender Cloud Security Posture Management (CSPM) enhancements, including multicloud posture management capabilities for Google Cloud Platform (GCP), extending sensitive data discovery capabilities to GCP Cloud Storage, and extending agentless scanning, data-aware security posture, cloud security graph, and attack path analysis capabilities to GCP.
XIoT security firm NetRise has announced new capabilities for working with SBOMs and support for CISA’s Known Exploited Vulnerabilities (KEV) catalog to help organizations manage and understand risks associated with software components in the firmware of connected devices.
Offensive security firm NetSPI has unveiled its ML/AI pentesting solution. The solution focuses on two components: identifying and remediating vulnerabilities on ML systems, and providing recommendations and guidance for ensuring that security is taken into consideration throughout the design and implementation phases of a product.
The Open Cybersecurity Schema Framework (OCSF), whose goal is to deliver a simplified, extensible, vendor-agnostic taxonomy, has announced the general availability of its schema. Organizations can integrate the OCSF framework into any environment, application or solution to complement existing security standards and processes.
OPSWAT has published the results of its 2023 threat intelligence survey, which shows that only 22% of organizations have a fully mature threat intelligence program and 62% recognize the need for additional investments. Only 11% of respondents currently use AI for threat detection, but 56% are optimistic about its use in the future.
Panorays has added a Smart Match capability to complement its AI-powered third-party security risk platform. The new capability is designed to accelerate responses and simplify risk analysis for users.
AI/ML security company Protect AI has acquired bug bounty platform Huntr and announced the launch of an AI/ML bug bounty program. The program provides a bug hunting environment, targeted bug bounties, monthly contests, collaboration tools, and vulnerability reviews.
Radiant Security has emerged from stealth mode with an AI-powered SOC co-pilot designed to boost SOC effectiveness and productivity by streamlining and automating alert triage, incident investigation, incident containment and remediation, escalation and approval workflows, and resiliency improvements.
CAASM platform provider Sevco Security has added new vulnerability hunting capabilities that enable organizations to assess flaws across different asset classes (devices, users, applications) and evaluate mitigating controls against identified vulnerabilities continuously to understand actual risk and exposure management directly in the cloud-native asset intelligence platform.
SecurityScorecard has announced new managed cyber risk services designed to help organizations operationalize third-party cyber risk management and mitigate zero-day and critical supply chain vulnerabilities.
SentinelOne has launched Singularity Ranger Insights, a vulnerability management solution designed to help companies continuously discover unmanaged assets, evaluate and prioritize threats, and mitigate risk using a single console and agent.
Secure onboarding and remote worker management firm Sonet.io announced support for data loss protection, monitoring and observability capabilities for ChatGPT and other generative AI tools. The new capabilities make it possible to detect when sensitive data is downloaded, uploaded, copied, pasted or typed into such AI tools.
IAM firm Stack Identity has published its inaugural Shadow Access Impact Report. Key takeaways: only 4% of identities are human, 5% of identities in the cloud have admin permissions, 75% of policies used in cloud environments include write permission, and 28% of policies in the cloud have some level of permission management.
Unified security and endpoint management firm Syxsense announced Cortex Copilot, a new AI engine that allows IT and security teams to simplify and speed up the process of creating endpoint management and security workflow automation. Cortex Copilot uses natural language queries to further automate smart task generation and intelligent scripting.
Threat intelligence operations (TI Ops) and cyber risk quantification solutions provider ThreatConnect has added a new intelligence requirement capability to its TI Ops platform, allowing customers to define, manage, and track intelligence requirements and requests for information more effectively.
API and application security firm ThreatX has unveiled new capabilities designed to enable security teams to detect and boost the protection of high-risk APIs containing sensitive user and authentication data.
Tenzir has launched a security data pipeline platform designed to optimize SIEM, cloud and data costs. The platform is available as an open-source developer edition, a free Community Edition, and a commercial Enterprise Edition.
Cloud exposure management firm XM Cyber has enhanced its continuous exposure management capabilities, extending customers’ ability to address hybrid cloud AD attacks and prioritize and remediate threats.