Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

RSA Conference 2024 – Announcements Summary (Day 2)

Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.

RSA Conference 2024

Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.

To help cut through the clutter, the SecurityWeek team is publishing a daily digest summarizing some of the announcements made by vendors. Here is a roundup of some of the most important new product, service and research announcements made on the second day of the event, as well as some announcements we missed from the first day.

Action1 announces free vulnerability assessment

Vulnerability discovery and patch management automation firm Action1 is offering a service that allows organizations to conduct an enterprise-wide free one-time assessment of software vulnerabilities, enabling them to assess their susceptibility to known vulnerabilities and make informed decisions on their security posture.

Abnormal Security expands Account Takeover Protection and launches AI Security Mailbox

Abnormal Security is expanding its Account Takeover Protection product line beyond email to provide visibility into cross-platform user behavior and centralize compromised account detection and remediation across identity, collaboration, and cloud infrastructure applications. The company has also launched AI Security Mailbox, an AI-powered coworker that promotes security awareness through real-time conversations between employees and an AI security analyst, while also automating the triage and remediation of user-reported emails.

Aiden announces new capabilities for discovering and remediating Windows vulnerabilities

IT automation solutions provider Aiden Technologies has announced new security features designed to help organizations discover and address Windows vulnerabilities. The features alert organizations of critical and high-severity vulnerabilities in their software, provide remediation mapping, and enable IT and security teams to track remediation progress. 

Advertisement. Scroll to continue reading.

AppViewX launches certificate lifecycle management platform

Automated certificate lifecycle management (CLM) and PKI solutions provider AppViewX has launched AVX ONE, a SaaS-based CLM platform for PKI, IAM, security, DevOps, cloud, platform and application teams. The new platform provides visibility, automation and control capabilities for certificates and keys, enabling governance and remediation.

AppOmni launches Zero Trust Posture Management

SaaS security posture management (SSPM) firm AppOmni has announced Zero Trust Posture Management (ZTPM), a solution designed to provide visibility and monitoring into the configuration, security posture, and user behaviors within SaaS applications. It also enables granular access and configuration management, ensuring mandatory SSO, MFA, and least privilege configurations are enforced.

BigID announces hybrid scanning and security and risk management of AI data

Cloud-focused data security firm BigID has announced dual (hybrid) scanning technology that can help organizations better discover, manage, and protect cloud data. The technology combines side-scanning and direct scanning techniques. The company also announced new capabilities for the security and risk management of AI data, providing complete visibility and assessments into AI model data, access, and associated risks.

Cato Networks publishes CTRL SASE Threat Report Q1 2024 

SASE company Cato Networks has published its CTRL SASE Threat Report for Q1 2024, which shows that all enterprises continue to run insecure protocols across their WAN. The report also shows that zero-days do not pose the biggest threat to organizations, and many threats are industry specific. 

Cloudflare launches new risk management solutions

Cloudflare has announced Cloudflare for Unified Risk Posture, a suite of risk management capabilities that enable the discovery and mitigation of threats across applications, data loss or exposure, and human error. The capabilities are available at no additional cost. 

Claroty releases new CPS data and exposure management solution

Claroty has released new data revealing that traditional approaches to vulnerability management overlook 38% of the riskiest cyber-physical system (CPS) assets. To help address these risks, Claroty has launched a complete built-for-purpose CPS exposure management solution that enables organizations to minimize their attack surface by prioritizing the most immediate threats. 

CrowdStrike launches Falcon for Defender

CrowdStrike has announced the launch of CrowdStrike Falcon for Defender, a product that augments Microsoft Defender deployments to stop missed attacks. A part of the Falcon XDR platform, Falcon for Defender is deployed alongside Microsoft products, elevating the security posture of endpoints running Defender.

Cranium launches AI Exposure Management

AI security and trust software firm Cranium has launched AI Exposure Management, a solution designed to help organizations protect and secure internal and third-party AI solutions. Cranium AI Exposure Management enables organizations to identify vulnerabilities in AI infrastructure and helps read teams discover new threats, create protection strategies, and harden AI systems.

Critical Start launches free peer benchmarked risk assessment tool 

MDR firm Critical Start has announced free Quick Start Risk Assessments designed to help organizations better understand their security maturity. A 15-question guided survey evaluates the security maturity of an organization, provides peer benchmarking, and delivers actionable insights through dashboards and reports.

Dynatrace announces Kubernetes security posture management solution

Observability and security firm Dynatrace is enhancing its platform with new Kubernetes Security Posture Management (KSPM) capabilities. The new KSPM offering strengthens cloud-native application protection in the Dynatrace platform, providing DevSecOps, security, platform engineering, and site reliability engineering teams a solution for security posture and compliance.

Eclypsium announces new gen-AI assessment capabilities

Eclypsium has unveiled new gen-AI assessment capabilities for its Supply Chain Security Platform. The new capabilities help secure the gen-AI tech stack through support for NVIDIA hardware and popular gen-AI foundation models. The new capabilities allow users to continuously monitor and remediate risks in popular NVIDIA hardware used to train gen-AI models. 

Flexxon introduces X-PHY Server Defender

Hardware cybersecurity firm Flexxon has introduced X-PHY Server Defender, a standalone and fully independent cybersecurity module that enables full-stack monitoring and defense from the hardware and firmware layers. The solution also introduces full system reversion in the event of a breach. Server Defender is available through an early access program.

Forcepoint unveils ONE Data Security

Forcepoint has presented ONE Data Security, an enterprise-grade cloud-managed solution designed to simplify data protection. The new SaaS solution provides unified management for endpoint and multi-channel cloud data security.

Fortra launches cybersecurity platform

Fortra has unveiled its cybersecurity platform, which unites solutions such as Fortra Cloud Email Protection, Fortra XDR, and Fortra Vulnerability Management. Fortra Data Protection will be added later this year. Fed by data from security products, the Fortra platform can detect attacks, aggregate and correlate them using AI to recognize patterns, and help customers mitigate risk.

Forescout expands threat intelligence-sharing program and publishes vulnerability research

Forescout Technologies has announced the expansion of its threat intelligence-sharing program. The company has also published a vulnerability research report that shows nearly 90,000 flaws are without a CVE identifier. It also shows that more than 2,000 vulnerabilities have been exploited in malicious attacks.  

Graylog announces major TDIR platform release

Threat detection and incident response (TDIR) firm Graylog has announced the release of Graylog Security 6.0. The updated solution provides intuitive and cost-effective threat detection and incident response capabilities designed to help customers address cybersecurity challenges without the complexity and high costs associated with traditional SIEM platforms.

HCLSoftware launches HCL AppScan Supply Chain Security 

HCLSoftware has launched HCL AppScan Supply Chain Security, an active application security posture management platform designed to help organizations improve the security of their software supply chains. 

Hunters introduces OCSF-native search

SOC company Hunters has announced its full adoption of the Open Cybersecurity Schema Framework (OCSF). The firm is also sharing 100 mappings of security logs to the OCSF schema. It also announced the launch of an OCSF-native search capability designed specifically for SOC analysts and threat hunters. 

Liongard unveils managed attack surface solution

Attack surface management (ASM) firm Liongard has unveiled a managed ASM solution for SMBs and enterprises. The solution combines its ASM platform with the expertise of its global managed IT service partner network, providing comprehensive visibility, protection and resources against cyber threats. 

Legit Security announces new AI supply chain security capabilities

Application security posture management firm Legit Security has announced new capabilities that allow customers to discover unsafe AI models, providing actionable remediation steps to reduce AI supply chain security risk.

LogicGate unveils AI governance solution 

GRC company LogicGate has announced a new AI governance solution designed to enable customers to govern and manage the implementation and usage of AI technology throughout their organization using compliance, cyber risk and third-party capabilities. 

New Relic launches Secure Developer Alliance

Observability platform New Relic has launched Secure Developer Alliance, with FOSSA, Gigamon, Lacework, Aviatrix, and Opus among the first to join. The alliance provides pragmatic research, education, and guidance to implementing observable security, giving members access to the New Relic observability platform and its cloud-native security tools.

NetRise adds Vulnerability Exploitability eXchange (VEX) support

XIoT security firm NetRise has added support for Vulnerability Exploitability eXchange (VEX) documents to its platform. VEX documents are commonly found alongside SBOMs and allow software, firmware, and device developers to convey whether an asset is affected by a particular vulnerability. 

OX Security unveils Attack Path Reachability Analysis

Application security posture management (ASPM) firm OX Security has unveiled Attack Path Reachability Analysis, along with SaaS BOM and API BOM features. The new features provide enterprises with insights into software supply chain risks originating from code, APIs, and cloud environments. 

Palo Alto Networks announces new AI security and security operations solutions

Palo Alto Networks has announced new solutions powered by Precision AI, a proprietary AI system that combines machine learning, deep learning and generative AI to ensure real-time security and safety. The new solutions — AI Access Security, AI Security Posture Management and AI Runtime Security — enable companies to safely adopt AI. The company also announced Cortex XSIAM, a SOC platform that is also powered by Precision AI.

Relyance AI launches Asset Intelligence and Data Security Posture Management

Relyance AI has released Asset Intelligence and Data Security Posture Management, a DSPM solution that brings together asset-level visibility and lineage to all sensitive enterprise data in the context of contractual and regulatory obligations. The solution enables organizations to see where data is stored at a fine-grain level, why it is stored there, who has access to it, and what risks exist with how it is being processed.

RSA announces identity security product enhancements

Identity security firm RSA has announced product enhancements, including capabilities needed to meet advanced NIST CSF 2.0 tiers, and passwordless authentication improvements. The company also launched its 2024 RSA ID IQ Survey, which asks users to assess their organization’s identity security architecture, quantify the costs of identity-related data breaches, and predict AI’s cybersecurity potential.

runZero publishes inaugural research report

ASM firm runZero announced the inaugural edition of the runZero Research Report, which explores the state of asset security across global enterprises. The report looks at attack surface increase due to IT/OT convergence, outlier devices, the lack of network visibility, end-of-life products, zero-day attacks, and authentication protocols. 

Salt Security launches AI-infused API Security Protection Platform

API security firm Salt Security has launched an API Security Protection Platform powered by Pepper, the company’s LLM. Pepper has been used for years to stop API-based attacks and has now been extended to the continuous API discovery and posture assurance steps in the API Security lifecycle.

SentinelOne launches Purple AI

SentinelOne has unveiled Purple AI, a chatbot that provides expert analysis to augment the skills of security teams. Purple AI also provides anomaly detection, automated alert triage, response recommendation, investigation, and threat intelligence capabilities. 

Safe Security adds third-party risk module

Risk management firm Safe Security has announced a new third-party risk module (TPRM). Safe TPRM is the latest addition to the SAFE One platform that takes a risk-based approach using outside-in questionnaire, and inside-out telemetry to quantify risk in a defensible manner.

Carnegie Mellon University SEI launches new tool

The Software Engineering Institute at Carnegie Mellon University has announced the release of a DevSecOps tool. Called Polar, it has been described as an observability framework that provides a comprehensive picture of a software system’s deployment platform, unlocking data that is captured by disparate tools within an organization.

Sentra expands data security capabilities

The Sentra data security platform now includes DataTreks, which provides security teams insight on data similarity and movement across the entire data estate through an interactive contextual map view. The company also announced that its platform can now classify and detect sensitive data in on-premises environments for file shares and databases. 

Theori launches security posture management solution

Offensive cybersecurity firm Theori has launched Xint, a unified security posture management solution designed to streamline and automate security operations across cloud and hybrid environments. Xint integrates cloud security, external threat detection, and an AI engine to provide a unified and detailed view of cloud environments and external threats. 

Trellix enhances Database Security

XDR firm Trellix has unveiled an enhanced Database Security, designed to protect sensitive data in widely used database types, including legacy databases, while supporting compliance initiatives. Database Security provides activity monitoring, vulnerability manager and virtual patching capabilities. 

Utimaco expands Trust as a Service marketplace and launches partner program

Utimaco has expanded its Trust as a Service marketplace with new features and deployment options. A new general purpose Hardware Security Module (HSM) as a Service allows customers to reduce capital and labor costs without the need for a dedicated server room, secure environment setup, or data center selection. The company has also announced the launch of its u.nity partner program. 

Varonis adds AI prompt monitoring to prevent malicious Copilot activity

Data security firm Varonis has added prompt monitoring to its Microsoft 365 Copilot security offering. This new feature allows security teams to investigate risky prompts, responses, and sensitive file references directly within the Varonis platform.

Vectra AI expands AI Platform 

XDR firm Vectra AI has expanded its AI Platform to protect enterprises from new threat vectors introduced by gen-AI tools. The platform’s Attack Signal Intelligence uses behavior-based AI to defend against threat actors abusing gen-AI.

Veriti develops solution to map CVEs and security configurations to MITRE ATT&CK

Veriti has developed a solution for mapping CVEs and security configurations to the MITRE ATT&CK framework. This approach automates the entire vulnerability management lifecycle, significantly accelerating the detection, prioritization, and secure remediation of threats.

Zscaler teams up with Google and publishes VPN risk report

Zscaler has collaborated with Google on a zero trust architecture with Chrome Enterprise. The solution combines Zscaler Private Access, which enables zero trust secure access to private applications, with the threat and data protection capabilities of Chrome Enterprise Premium. Zscaler has also published its annual ThreatLabz VPN Risk report, which reveals that a vast majority of organizations are concerned about VPNs leading to a breach.

Written By

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Digital executive protection services provider BlackCloak has appointed Ryan Black as CISO.

Joe Levy has been appointed Sophos' permanent CEO, and Jim Dildine has been named the company's CFO.

CISA executive assistant director for cybersecurity Eric Goldstein is leaving the agency after more than three years.

More People On The Move

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem