Security matters now. That is the theme at this year’s RSA Conference taking place in San Francisco this week.
“There is an urgency and pressure being felt now more than at any time over the last few years. Whether you are looking at national or local politics or the pressures of your company’s board room – there has been a change, and we can all feel it,” Linda Gray Martin, director and general manager for RSA conferences, wrote in a post. “As we become more dependent on the latest and greatest gadgets, more and more of our personal lives are becoming digital – whether we like it or not. With that is the inevitable realizations that cyberthreats are looming larger than ever, with more opportunities for cybercriminals to strike.”
As a result, a number of companies have been dissecting modern security strategies, unveiling new products and updating existing ones.
Microsoft reveals new products and security strategies
“Our objective is to arm business, government and consumers with deeply integrated intelligence and threat protection capabilities across platforms and products,” Microsoft wrote in a post. As part of that objective, Microsoft announced a number of new products and strategies at the conference.
The company announced the preview of a new unified security API in Microsoft Graph to help partners integrate with Microsoft solutions and take advantage of the Intelligent Security Graph. “Our Intelligent Security Graph uses advanced analytics to link threat intelligence and security signals from Microsoft and partners and continues to increase in variety and volume of signal,” Rob Lefferts, director of enterprise and security for Windows, wrote in a post.
The company also released new anti-phishing protection capabilities, extended its Conditional Access to speed up detection and response, and announced the Microsoft Intelligent Security Associate to provide better protection, detect and response to customers. “It’s an exciting time to be working in security. We are joining forces with other security solution providers and using the cloud to our customers’ advantage. Together, we can turn the tide against attackers,” Lefferts wrote.
IBM introduces intelligent security solution
IBM announced the release of its Watson AI-powered security solution IBM X-Force Threat Management. IBM X-Force Threat Management was designed to address the ongoing breaches and public disclosures as well as help security teams keep up with the pace of innovation, increased complexity, increasing skills gap, and poor response readiness plans.
The underlying X-Force Protection Platform engine processes over 2 trillion security events monthly, according to IBM, using the Watson AI alongside behavioral analytics and intelligent orchestration.
Coupled with an Android and iOS app, IBM hopes to provide threat information and management in a more streamlined manner. According to the company, the new solution will help clients accelerate security, mitigate library, manage complexity and extend expertise.
McAfee tackles container security
McAfee announced coverage for container deployments in its latest version of the McAfee Cloud Workload Security solution. According to the company, containers are quickly becoming developers’ preferred deployment model for modern cloud apps.
The 5.1 release can identify Docker containers in less that 5 minutes after deployment, McAfee says. It can then quarantine infected workloads or containers in one click, which they say greatly increases remediation efficiency and reduces misconfiguration risks.
“As enterprises turn to the cloud to transform themselves into a digital business and develop compelling experiences for their customers, they often overlook the security challenges involved in adopting a multi-cloud or hybrid-cloud environment,” said Rajiv Gupta, senior vice president of the cloud security business unit for McAfee. “McAfee Cloud Workload Security enables organizations to secure cloud workloads and containers across AWS, Azure, VMware, and their private cloud, addressing key security, compliance and governance requirements so that they can accelerate their business in the cloud.”
Yubico Security Key unveils passwordless login for the enterprise
Hardware authentication security keys provider Yubico announced a new security key supporting FIDO2 will be available in Windows 10 devices and Microsoft Azure Active Directory. This is a passwordless solution that combines hardware-based authentication, public key cryptography and U2F and FIDO2 protocols.
“Microsoft’s FIDO2 implementation using the Security Key by Yubico is just the beginning of a passwordless world; there are no limits as to where this technology can take us,” said Stina Ehrensvard, CEO and founder of Yubico. “Passwords have been an age-old pain point for both individuals and organizations, and now, we have developed a unified open standard that can finally solve the problem at scale.”
The security key is currently in limited preview for Microsoft Technology Adoption Program customers.
“Passwordless login represents a massive shift in how billions of users, both business and consumer, will securely log in to their Windows 10 devices and authenticate to Azure Active Directory-based applications and services,” said Alex Simons, director of program management for Microsoft’s Identity Division. “We’re excited to partner with Yubico as we work together to eliminate passwords.”
Signal Sciences brings web app security to multi-cloud environment
Signal Sciences is bringing its web app firewall and runtime app self-protection solution to multi-cloud environments. According to the company, this will help businesses protect their most critical web apps from real attacks and threats on their choice of cloud provider.
“The main challenge for cloud customers is getting protection for their applications across providers and on premises without spending time tuning rules. With point solutions and legacy WAFs, rules have to be tuned for each application that sits behind the cloud WAF instance, resulting in a nightmare scenario where hundreds of hours of rule-tuning is needed just to gain basic OWASP Top 10 protection,” said Zane Lackey, CSO and co-founder of Signal Sciences.