Virtual Event Today: Supply Chain Security Summit - Register Now

Security Experts:

Connect with us

Hi, what are you looking for?


Cloud Security

RSA Conference 2022 – Announcements Summary (Day 1)

RSA Conference 2022 Summary

Hundreds of companies are showcasing their products and services this week at the 2022 edition of the RSA Conference in San Francisco.

RSA Conference 2022 Summary

Hundreds of companies are showcasing their products and services this week at the 2022 edition of the RSA Conference in San Francisco.

To help cut through the clutter, the SecurityWeek team is publishing a daily digest summarizing some of the announcements made by vendors. The daily summaries will include new products and services, updates to existing offerings, reports, and other initiatives.

Armis announces vulnerability lifecycle management module

Armis has unveiled an end-to-end risk-based vulnerability lifecycle management solution named Asset Vulnerability Management (AVM). AVM is an add-on module for Armis’ platform that is designed to provide a complete view of assets and vulnerabilities, risk-based prioritization, security automation and orchestration, and functionality for tracking vulnerability mitigation efforts. The company says AVM covers the entire attack surface, including IT, OT, ICS, IIoT and cloud.

BigID launches SmallID

Data intelligence firm BigID has launched its pay-as-you-go cloud data security platform SmallID. The new solution provides organizations of all sizes with cloud-native data privacy and protection, to help them reduce attack surface and improve security posture, discover shadow and dark data, and automatically identify and classify their data by sensitivity, type, regulation, policy, and more.

Cisco announces new Security Cloud strategy and product improvements

Cisco has described its new Security Cloud strategy, whose goal is to provide a cloud-based platform for connecting and securing organizations. The networking giant has also announced enhancements across its security portfolio, including for secure access, secure edge, and secure operations. In addition, the company has introduced a new unified Secure Client that aims to simplify endpoint management.

Cloud Security Alliance releases results of Zero Trust survey

The Cloud Security Alliance (CSA) has released a new report named “CISO Perspectives and Progress in Deploying Zero Trust.” A survey of more than 800 IT and security professionals found that 80% of C-level executives view Zero Trust as a priority, 94% are in the process of implementing a Zero Trust strategy, and 77% are increasing their budget for Zero Trust over the next 12 months.

CrowdStrike announces new product capabilities

CrowdStrike has described several new product capabilities. One of them is Humio for Falcon, which significantly extends data retention for Falcon telemetry in an effort to enhance customers’ threat analytics and hunting abilities. The company also announced new Falcon XDR capabilities that are designed to simplify security operations. It also introduced Asset Graph, a new graph database that can provide organizations with better visibility into their attack surface.

Cynet launches Automated Response Playbooks

Cynet has launched Automated Response Playbooks for its automated XDR platform. With these playbooks, security alerts are automatically investigated and remediated as part of the 360 AutoXDR platform at no additional cost. The goal is to reduce alert investigation and response time for overwhelmed security teams.

Deepwatch expands MDR solution with automated response service

Deepwatch has expanded the capabilities of its managed detection and response (MDR) platform with managed extended detection and response (MXDR). Deepwatch MXDR is a new service that provides automated threat response in an effort to accelerate containment.

DNSFilter launches Data Export feature

DNSFilter has announced the availability of Data Export, a new feature designed to help enterprises accelerate threat detection and response by automating the export of DNS query log data to SIEM and security monitoring solutions to be aggregated, analyzed, and actioned with multiple data sources.

Fortinet announces new digital risk protection service

Fortinet has unveiled FortiRecon, a digital risk protection service that leverages machine learning, automation and FortiGuard Labs experts to help companies protect their reputation, assets and data. FortiRecon provides external attack surface monitoring, brand protection, and threat intelligence.

Forgepoint Capital releases report on top CISO priorities

Forgepoint Capital has surveyed more than 100 CISOs from large enterprises and SMBs to learn about their priorities and what they’re working on in 2022.

Juniper Networks expands SASE offering

Juniper Networks has expanded its SASE offering with Cloud Access Security Broker (CASB) and advanced Data Loss Prevention (DLP) capabilities. These improvements should help prevent unauthorized access to data in the cloud, expand visibility, and protect SaaS applications.

Mandiant launches digital risk protection solution

Mandiant has launched a digital risk protection solution that provides information on an organization’s attack surface and potentially problematic activity on the deep and dark web. Mandiant has also announced the general availability of Advantage Digital Threat Monitoring, a new module available within Mandiant Advantage and a key driver of the new digital risk protection solution.

NightDragon announces Coalition to Close the Cybersecurity Talent Gap

Investment and advisory firm NightDragon and nonprofit organization NextGen Cyber Talent announced the Coalition to Close the Cybersecurity Talent Gap, an effort to raise $1 million to fund cybersecurity education for Bay Area students pursuing careers in cybersecurity. With support from more than 25 cybersecurity and technology organizations, the Coalition has raised over $300,000 to date, funds that will be distributed to students at participating Bay Area community colleges.

MITRE introduces “System of Trust”

The MITRE Corporation announced the introduction of “System of Trust,” a free and open platform that offers a new knowledge base of supply chain security risks, as well as a security risk assessment process.

Delivering a proactive approach to finding and mitigating threats, the System of Trust details 14 risk areas for organizations to evaluate, and contains more than 2,200 specific supply chain security risk questions. The framework scores and ranks risks to help identify strengths and weaknesses, and offers a common vocabulary that can be understood across suppliers, supplies, and services.

Neosec launches ShadowHunt threat hunting service

Behavioral analytics firm Neosec launched ShadowHunt, a threat hunting service focused on identifying API abuse. The new capability enhances the Neosec cloud-based platform to help organizations identify threats in business API traffic by automatically and continually identifying all APIs in use, evaluating risk posture, and monitoring for user behavioral anomalies. The ShadowHunt service also provides monthly reports summarizing findings and delivering news of API threats identified across different companies.

Optiv launches Cyber Recovery Solution

Optiv introduced its new Cyber Recovery Solution (CRS), which identifies and prioritizes the protection of critical assets through automated backup of business-essential data, systems, and applications. The solution supports a vaulted air-gapped backup solution, enables the quick recovery of data through custom playbooks, minimizes the impact of a cyberattack, and helps organizations ensure business continuity in case of an incident.

Pindrop expands voice verification capabilities

Pindrop announced it has expanded its voice verification capabilities to provide improved authentication performance. The company says its technology can now provide demographic insights, predicting age range and spoken language, to better route callers and identify potential security threats, while also detecting intentionally deceptive callers to warn if the voice doesn’t match that of the enrolled user. The solution also includes spoof detection and allows organizations to build custom data fields that can be used for policy creation, fraud investigation, and case management.

Qualys introduces new cloud-based vulnerability management solution

Qualys has unveiled Vulnerability Management, Detection and Response (VMDR) 2.0, a new cloud-based solution that provides insights into an organization’s risk posture, as well as the ability to use drag-and-drop workflows to orchestrate responses. VMDR 2.0 should become available in late June.

Virtru introduces OpenTDF

Data protection provider Virtru has introduced OpenTDF, an open source project that provides developers with the necessary tools to build applications for governing sensitive data. OpenTDF can be used to protect personal health information (PHI), cryptographically redact content within documents, secure IoT sensor data against spoofing, and build end-to-end encrypted messaging applications. The project also features Apache Kafka integration, which enables the protection of data event streams.

Wiz unveils Cloud Detection and Response (CDR) and Advanced Control

Wiz has announced two new features: Wiz Cloud Detection and Response (CDR), which enables cloud security teams to quickly identify threats, and Wiz Advanced Control, which leverages attack path analysis to identify critical risks. New Wiz data shows that enterprises have, on average, 200 critical cloud issues that could result in a breach.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...