5 min

The 2023 RSA Conference featured announcements from all over the cybersecurity sector. We’re presenting a round-up of what companies have brought to the fore this year.

Cisco

We have written extensively about “Cisco’s worst-kept secret”: Cisco XDR. The company is adding the extended detection & response application to its existing Cisco Security Cloud suite. Concerning XDR, it continually talks about native telemetry from as many different sources as possible. With the help of AI, this large amount of information should be manageable and insightful for security personnel. It has been available in beta since this week and is set to launch this July.

Click here to read the full article: Cisco XDR aims to reduce alert fatigue, increase signal to noise ratio

Noname

Noname Security has had plenty to announce. Having been accepted for the Accelerated by Intel program, it has partnered with both Wiz and IBM to strengthen cyber resilience and API security.

The hardware partnership with Intel means that Noname can leverage the built-in Advanced Matrix Extensions (AMX) on 4th generation Xeon processors. These are particularly suitable for API-related tasks, meaning customers can expect up to three times extra performance with similar or less power consumption.

Noname’s expertise in API security has made it attractive for parties such as Wiz and IBM to join forces. Because APIs tend to function as intermediaries between network connections, they are a likely attack vector. IBM will integrate Noname’s services inside its API Connect and DataPower services. In the process, users can expect “advanced API management capabilities” at their fingertips.

Rubrik/Zscaler

Rubrik, traditionally a backup specialist, and cloud security company Zscaler are joining forces to combat so-called double extortion ransomware. This tactic by cybercriminals not only puts an encryption on data, but also exfiltrates it. This accompanies the data breach with the threat of exposing data to the outside world. Because this involves data at rest and in motion, it requires two tools for complete security coverage. The expertise of both companies is integrated with each other, allowing Rubrik customers to count on a lot of automation in detecting security vulnerabilities.

…& more

VMware has demonstrated new capabilities for its security suite. The company is deploying SmartNIC acceleration to make virtualizations run faster. Additionally, cloud-native architectures can count on more security thanks to Carbon Black Workload & Cloud Configuration. Furthermore, Enhanced Firewall services should provide simplified operations of edge devices. The company promises to provide security for multi-cloud workloads, which is increasingly in demand. To combat “cloud chaos,” the company is betting on more governance capabilities and “lateral” security methods. Because cyber attackers make at most three lateral moves to reach a target, according to the company, VMware emphasizes stopping this small number of steps by providing an “end-to-end view” across users, devices, networks, applications and data.

A big trend at RSAC 2023 is the propagation of artificial intelligence tech. For example, Google Cloud is releasing Sec-PaLM, an adaptation of Google’s most advanced large language model. The so-called Google Cloud Security AI Workbench is set for cybersecurity operations. The tech giant trained the AI on years of internal cyber threat documentation at Google. The company is not the first to cite the shortage of cybersecurity expertise as a motivating factor for providing an AI application.

SentinelOne is also joining the AI trend. It is launching a new platform that, like Sec-PaLM, uses a large language model. The LLM is said to have chat capabilities not dissimilar to ChatGPT. Users can ask the bot complex questions about the state of an organization’s security systems. Suspicious access patterns, such as running VPN services, the AI can pinpoint as a sign of an attack. SentinelOne has more to announce during RSA 2023. It has launched Singularity Security DataLake, a cloud-native platform designed to give organizations visibility into data across the security ecosystem. Security teams can use it to “quickly understand threats and respond to them in real-time intelligently and cost-effectively.”

Amazon Web Services is coming out with several enhancements to Amazon GuardDuty. The security monitoring tool monitors AWS Cloudtrail data for suspicious activity. Amazon’s Kubernetes service users can count on a dedicated security agent with GuardDuty EKS Runtime Monitoring. In addition, security for the Aurora database service has also received more coverage thanks to RDS Protection. Finally, AWS is paying attention to customers using serverless applications. GuardDuty Lambda Protection monitors network communications for bad actors and signs of crypto-mining. AWS is offering these new features for free to existing users.

There is also news in the field of endpoint security during RSA 2023. Trellix has introduced a new Endpoint Security Suite. The cybersecurity company should give SecOps analysts better visibility and control over proactively protecting endpoint devices. Think computers, printers and servers. Like competitors in the security market, Trellix is trying to offer an end-to-end solution with this. As well as comes Trellix with AI support for accelerating response to cyber attacks. A forensics & root cause tool should better map threats. During RSA, Trellix also previewed what it plans to offer in the third quarter. These include simplifying endpoint security management, better-integrated forensics, and support for Apple hardware.

Sysdig has announced an integration with ServiceNow Container Vulnerability Response (CVR). As a result, customers can count on a faster view of the organisation’s biggest cyber risks. Sysdig specializes in runtime security, which protects containers while an application runs. The company says there is a lot of unnecessary noise regarding cyber threats. The new integration should eliminate 95 percent of this noise.

Data management company BigID is also joining the series of announcements surrounding RSA 2023. The new BigAI tool helps users make dealing with data more manageable. Friendliness is key: BigAI comes up with manageable names for data tables and columns, it invents friendly cluster titles for better indexing and searches metadata. This tool also features a chatbot, which acts as a “personal assistant” to answer data management questions.

Read the full article: BigID launches BigAI

In addition, CybeReady is developing new ways to train users to become proficient in cybersecurity. The company is emphasizing the “community” aspect of the new features. The Security Awareness Training platform collects data via machine learning to crowdsource information, which in turn is applied in the platform. It is offering free demonstrations of the training program in San Francisco.

Finally, Thales announced a new secrets management solution for the CipherTrust Data Security platform. It allows users to keep secrets such as passwords, API keys and certificates organized. It should reduce the risk of data breaches, ensure better compliance and facilitate collaboration. The solution runs on Akeyless’ Vault Platform.