Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
To help cut through the clutter, the SecurityWeek team is publishing a daily digest summarizing some of the announcements made by vendors. Here is a roundup of some of the most important new product and service announcements made on the first day of the event:
Arctic Wolf releases risk assessment tool
Security operations firm Arctic Wolf has released Arctic Wolf Cyber Resilience Assessment, a risk assessment tool designed to help businesses advance their cyber resilience and improve insurability by effectively mapping their security posture against industry-standard frameworks. The company also announced new integrations with SSE solutions from Cato Networks, Zscaler and Netskope.
ArmorCode launches AI-powered ASPM correlation
Application security posture management (ASPM) firm ArmorCode has announced the general availability of AI Correlation in its ASPM platform. The AI Correlation feature leverages data fusion to enable security teams to identify and correlate high-signal findings across scanning tools, bringing code and runtime analysis together through machine learning and natural language processing.
Cequence adds ML security features to API protection platform
API security and bot management company Cequence has added multiple ML-powered features to its Unified API Protection platform. The new features improve automated threat detection and mitigation, customized API discovery, and API security testing.
Cisco announces Splunk integrations
Following its acquisition of Splunk, Cisco has announced integration of its XDR with Splunk Enterprise Security (ES), as well as new cloud detection and response capabilities with Cisco’s Panoptica. The networking giant also announced that its unified AI Assistant for Security is now available in Cisco XDR. In addition, Cisco Identity Intelligence is now available in Duo to enable Continuous Identity Security to protect organizations against identity-based attacks.
Checkmarx launches AI security offering
Application security firm Checkmarx has launched an AI security offering, which includes AI Security for GitHub Copilot, AI Security Champion and real-time in-IDE scanning, enabling developers to validate AI-generated code, automatically remediate vulnerabilities, and write more secure code.
CrowdStrike enhances Cloud Detection and Response and launches Falcon ASPM
CrowdStrike has unveiled new Cloud Detection and Response (CDR) innovations, including cross-domain threat hunting for Microsoft Azure environments, expanding visibility into cloud control plane activity. The company also announced the general availability of CrowdStrike Falcon Application Security Posture Management (ASPM) as part of Falcon Cloud Security.
Code42 unveils advancements in source code protection
Data loss and insider threat protection firm Code42 has added new capabilities to its Incydr data protection product. The new capabilities, which are immediately available, are designed for enhanced source code exfiltration and protection.
Cloud Security Alliance issues guidance for successful AI implementation
The Cloud Security Alliance (CSA) has issued three papers focusing on AI implementation guidance: AI Organizational Responsibilities – Core Security Responsibilities, AI Resilience: A Revolutionary Benchmarking Model for AI, and Principles to Practice: Responsible AI in a Dynamic Regulatory Environment. The papers outline recommendations across key areas of security and compliance.
CyberEdge launches lead generation and custom research offerings
Cybersecurity marketing and research firm CyberEdge has launched new lead generation and custom research offerings for vendor marketing teams. The new offerings include single- and multi-vendor webinars, multi-vendor survey reports, sales-qualified leads, speakers and panelists, and lead-generation bank accounts.
Egnyte launches content security ecosystem
Cloud content security and governance firm Egnyte has announced a new integration to help customers gain better control over their cloud content via document classification labels. Egnyte customers will be able to leverage labels generated by an AI-powered classification engine that is compatible with Microsoft Purview Sensitivity labels to inform insights and drive actions across security partners such as Netskope, Zscaler, CrowdStrike, and SkyHigh Security.
Elastic adds AI-driven security analytics
Elastic has introduced an AI-driven security analytics solution built on the Search AI platform. Named Attack Discovery, the new feature triages alerts to help security teams quickly understand the most impactful attacks.
Enkrypt AI unveils LLM Safety Leaderboard
Gen-AI security firm Enkrypt AI has debuted LLM Safety Leaderboard, which is designed to help enterprises identify the safest and most reliable AI models for their needs by understanding their vulnerabilities. The new product enables AI engineers to make more informed decisions.
Expel announces new MDR offerings
MDR provider Expel has announced new, flexible offerings to allow organizations of any size and with any budget to use the company’s technology and services. Expel has also announced new AI and automation enhancements, as well as expanded support for SIEM solutions.
Fastly enhances Managed Security Service
Edge cloud platform Fastly has enhanced its Managed Security Service with a Bot Management solution that combats automated attacks, as well as a 30-minute time-to-notify service level agreement (SLA). The SLA guarantees Fastly experts will proactively notify customers and begin mitigating critical security incidents within 30 minutes of discovery, often before an incident is even discovered by a customer.
FortiGuard Labs publishes 2H 2023 Global Threat Landscape Report
Fortinet’s FortiGuard Labs has published its 2H 2023 Global Threat Landscape Report, which shows that attacks started, on average, less than five days after new exploits were publicly disclosed, which is 43% faster compared to the first half of 2023. The company also found that some vulnerabilities remain unpatched for over 15 years, that less than 9% of all known endpoint flaws were targeted in attacks, and that 44% of ransomware and wiper samples targeted industrial sectors.
Forescout launches Risk and Exposure Management solution
Forescout has launched Risk and Exposure Management (REM), an AI-enhanced asset intelligence solution that provides enterprises with a new automated and multi-factor risk-prioritization approach to remediate vulnerabilities and strengthen their security posture. The solution continuously identifies and prioritizes potential risks across all cyber assets. Forescout has also unveiled its AI product strategy.
IBM and AWS release report on securing generative AI
IBM and AWS have teamed up for a study on securing generative AI. A survey found that 82% of C-suite respondents believe that secure and trustworthy AI is essential to the success of their businesses, but 69% of respondents admitted that innovation takes precedence over security when it comes to generative AI. The survey also found that less than 25% of current gen-AI projects are being secured.
Microsoft unveils new security capabilities
Microsoft has announced new security capabilities to help organizations better protect and govern data used in AI, manage data in SOCs, and more effectively disrupt cyberattacks. Microsoft Defender for Cloud enables customers to discover new AI attack surfaces, strengthen their AI security posture, and protect AI apps. Copilot for M365 with Microsoft Purview AI Hub is designed for governing AI usage to comply with regulatory and code-of-conduct policies. The tech giant also said Microsoft Copilot for Security will be integrated across more of its security portfolio.
Normalyze unveils DSPM product updates
Data security posture management (DSPM) company Normalyze has announced new platform capabilities, including new scanning capabilities for identifying sensitive data being used in LLMs, specialized APIs for LLM security, new learning capabilities to improve classification accuracy and remediation recommendations, and increased support for optical character recognition.
Protect AI releases AI/ML vulnerability database
AI security firm Protect AI has unveiled Sightline, a comprehensive AI and ML supply chain vulnerability database, providing deep insights into known and emerging vulnerabilities. Sightline provides an early warning system for AI/ML security vulnerabilities, flagging them 30 days before they appear in the NVD.
Proofpoint unveils adaptive threat protection capabilities for email security
Proofpoint has unveiled new adaptive threat protection capabilities for its email security solutions. Proofpoint’s solutions now offer a layer of behavioral AI-based defenses for the post-delivery stage, to stop lateral internal phishing and email fraud. The company has also added pre-delivery defenses that target social engineering and malicious links.
RAD Security launches behavioral detection and response solution
RAD Security has launched a behavioral detection and response solution for cloud native environments. Unique behavioral fingerprints allow security teams to detect novel attacks and respond with real-time identity and infrastructure context.
Recorded Future platform improvements
Threat intelligence firm Recorded Future is making big investments in three areas of its platform: AI, Collective Insights, and Intelligence Cards. In terms of AI, the company says it’s helping customers fight AI with AI, by leveraging data from its intelligence cloud to automatically aggregate and analyze commonalities across attacks. Collective Insights provides visual telemetry from a variety of security controls, enriched with threat intelligence data, and presented in one consolidated view. Intelligence Cards enable analysts to easily see all of the most important information they need for actionable investigations in one view.
Resilience adds new features to cyberinsurance loss prevention solution
Resilience is enhancing its cyberinsurance loss prevention solution with two important features: breach and attack simulation tests for validating security controls, and a cyber risk profile builder that enables organizations to update their risk posture data.
Semperis teams up with Veritas and Trellix
Active Directory security and recovery solutions provider Semperis has announced that it has expanded its collaboration with Veritas to stop bad actors from accessing sensitive corporate data, reducing the risk of successful ransomware extortion. Semperis has also teamed up with Trellix to accelerate the detection and containment of identity-based attacks.
Saviynt unveils Identity Cloud
Cloud-native identity and governance solutions provider Saviynt has presented Identity Cloud, an automated and intelligent platform designed to improve decision making, protect applications, secure identities, and boost operational productivity across internal and external ecosystems.
SecurityScorecard introduces HEID AI
SecurityScorecard has announced that its Highly Evolved Intelligence Defense (HEID) AI breach prediction product is emerging out of beta. The company says HEID AI leverages the world’s largest risk and threat dataset, delivering an 80% increase in breach prediction accuracy with false positives under 1%.
SecureIQLab introduces AI-powered cloud validation platform
SecureIQLab has introduced SocX, an AI-powered cloud validation platform that integrates adaptive learning models for cyberattacks and robust analytics to deliver enhanced attack prediction and prevention capabilities. The solution provides security teams with real-time insights, accelerating decision making and fortifying digital defenses.
New Splunk solution for proactive risk mitigation
Splunk has launched Splunk Asset and Risk Intelligence, a new solution to help organizations streamline compliance, reduce cybersecurity risks, and combat shadow IT. The product enables customers to take a proactive approach to cybersecurity through improved visibility, more accurate investigations, and dashboards to assess and enhance compliance posture.
Sumo Logic adds new capabilities to log analytics platform
SaaS log analytics platform provider Sumo Logic has announced new AI and security capabilities to help security teams collect and act upon data faster. New and updated features include MITRE ATT&CK Threat Coverage Explorer, an AI-assisted log analytics experience called Copilot, generally-available AI-driven alerting, integrated threat intelligence, a new UI experience across solutions, and expanded cloud infrastructure security data.
Stellar Cyber augments XDR platform with generative AI
Open XDR technology provider Stellar Cyber has expanded the capabilities of its XDR platform with a gen-AI-powered investigator. The augmented solution is expected to improve the effectiveness and productivity of enterprise security teams.
Swimlane launches marketplace for security automation
Security automation company Swimlane has launched Swimlane Marketplace, a storefront providing automation actions, applications, dashboards, playbooks, and reports incorporated into pre-built solutions for end-to-end use cases. The marketplace makes it easy for organizations to automate through connectors, widgets, and reusable components.
Torq launches AI-driven SOC solution
Torq has launched HyperSOC, a purpose-built solution to automate, manage, and monitor critical SOC responses. It relies on Natural Language Processing (NLP) for investigating, triaging, and addressing security events at scale. By combining the expertise of SecOps professionals with generative AI, it eliminates false positives, eliminates alert fatigue, and accelerates investigation and response.
XM Cyber’s latest state of exposure management report shows that misconfigurations represent the root cause of 80% of the security exposures within an organization. Active Directory is impacted the most, despite its critical role in connecting users and network resources. Poor endpoint hygiene plagues organizations too, with over 25% of devices containing cached credentials or lacking EDR coverage. Vulnerabilities, however, represent less than 1% of exposures.
