In order to improve cybersecurity efforts, new tools are being released this week at the RSA Conference in San Francisco. The conference brings together top cybersecurity professionals and business leaders to discuss emerging trends and formulate the best strategies for tackling current and future threats.
The new tools include solutions that speed up security testing and the hiring of security professionals, and that provide end-to-end application security assistance.
Some highlights so far are:
Google Cloud announces new security capabilities
The new capabilities are designed to help users protect their systems and data wherever they reside. They include threat detection and timeline capabilities in Chronicle, online fraud prevention services and threat response integration between Chronicle and Palo Alto Networks.
“Cloud security is a top enterprise IT priority as organizations modernize their critical business systems both in-place and in the cloud. Our mission is to provide advanced security solutions that help give good the advantage, starting from building the most secure cloud platform to products that bring the power of Google’s global infrastructure and threat intelligence directly to your data centers,” the company wrote in a post.
Imperva introduces integrated advanced bot protection
The new bot protection solution integrates with the company’s cloud application security solution to provide defense-in-depth security. According to the company, it defends mission-critical websites, mobile apps and APIs from automated threats such as web scraping, account takeover, transaction fraud, denial of service, click fraud, spam, and web and mobile API abuse.
“The volume of automated threats on the internet is staggering – in fact, our research shows that over 20% of all internet traffic consists of bad bots,” said Tiffany Olson Kleemann, vice president of advanced bot protection at Imperva. “As the sophistication and business damage caused by automated threats grows, our defenses need to be as adaptable and vigilant as the threat itself, and organizations need to be able to deploy them in the way that works best with the rest of their security stack.”
Code42’s advanced cloud data security solution
The company is adding new capabilities for defending against the rise of insider threats. New updates enable security teams to access a prioritized list of users whose file activity requires investigation, determine potential exfiltration vectors, assess activities within the context of a user’s history, review indicators of increased risks, and review exact content of files at risk.
In addition, security teams can now detect when files are uploaded to personal emails or unsanctioned websites, uploaded to personal cloud sync apps, transferred to USB or other removable media devices, shared to untrusted domains, and deleted off an employee’s computer.
VMware announces plans to make security intrinsic to the digital enterprise
The company hopes to protect critical apps and data with more automated, proactive and pervasive solutions. VMware plans to do this with new advanced security for Cloud Foundation, advancements to its Carbon Black Cloud, and new auto-remediation capabilities.
“There has never been a more challenging and exciting time in security,” said Sanjay Poonen, chief operating officer, customer operations, VMware. “Attacker sophistication, security threats, breaches, and exploits are becoming more prevalent with no end in sight. And with cloud, new applications, pervasive mobility, IoT, and data at the edge, the problem is only getting harder to solve. There must be a new approach to cybersecurity – one that is built-in, unified and context-centric. We believe the best strategy and approach is to make security intrinsic, enabling organizations to leverage their infrastructure and its unique capabilities across any app, any cloud and any device to better secure the world’s digital infrastructure – from networks, to endpoints, to workloads, to identities, to clouds.”
Elastic debuts integrated security offerings
The company recently announced Elastic Security 7.6, which provides visibility and threat protection through a unified interface. New features include a SIEM detection engine, 100+ prebuilt rules aligned with the MITRE ATT&CK framework, and the ability to reduce security investigations.
“Not only do security operations teams need more network access and user data, but they also must collect and correlate that data into usable information to simplify security operations,” said Nate Fick, general manager at Elastic Security. “The convergence of Elastic Endpoint Security and Elastic SIEM into a single solution enables organizations to prevent targeted attacks in real time, while providing needed visibility into security risks as they develop to fast-track response actions before damage and loss.”
BigID introduces discovery and security features for “sensitive crown jewel data”
The new technology helps identify personal or sensitive data inside a modern data landscape and addresses data protection, dark data, labelling and policy enforcement, and overexposed data. Some features include visibility into data at risk, cluster analysis, access insight, advanced ML-driven classification, and remediation.
“BigID’s next-generation security capabilities help our customers identify and protect the crown jewels of their organization – sensitive and personal data,” explained Nimrod Vax, BigID’s head of product. “By applying advanced ML data intelligence and discovery-in-depth technology to data protection, BigID empowers organizations to reduce risk, protect their crown jewels and get unprecedented coverage and visibility across their enterprise data environment.”
Checkmarx simplifies automation of application security testing for DevOps environments
Checkmarx announced new enhancements to its Software Security Platform to empower more seamless implementation and automation of application security testing in modern development and DevOps environments.
One new feature, Checkmarx ‘Flow,’ is an orchestration module that tightly integrates with application release orchestration and agile planning tools.
CxFlow provides end-to-end automation from scanning to ticketing, seamless integration with the modern development ecosystem, and centralized management.
The full details on the solution are available here.
Bugcrowd enhancements deliver access to skilled security talent and protection
Crowdsourced security company Bugcrowd announced several enhancements to its platform that help customers gain global access to the right talent for every security threat.
“By codifying all the unique services needed to quickly match and manage the right security skills on-demand, the Bugcrowd platform enables customers to infuse crowdsourced security anywhere throughout their existing security lifecycles – even if that changes year-to-year, or day-to-day,” Bugcrowd wrote in a blog post.
Bugcrowd is offering increased visibility, more oversight over multiple programs and the ability to spin up on-demand programs through a simple wizard.
Rapid7 and Snyk announce partnership to offer end-to-end application security
The companies’ joint offering combines application security monitoring and protection with developer-first security for finding and fixing open source vulnerabilities.
“Together, Snyk and Rapid7 will provide businesses with a comprehensive approach to modern application security, offering continuous integrated security from the beginning of the application development process through to continuous monitoring and protection in production,” the companies wrote in a post.
Rapid7 will add the Snyk vulnerability database to its Insight cloud solutions to enhance vulnerability visibility analysis across the Rapid7 portfolio.
NTT collaborations and partnerships
Global technology service provider NTT announced a new partnership with the cybersecurity provider Palo Alto Networks to help minimize risk and reduce time to predict, detect and respond to attacks. Together, the companies aim to provide a portfolio of intelligence-driven security products. The NTT Secure by Design services will combine with Palo Alto Networks’ Prisma Access and Cortex XSOAR technologies and provide intelligent workspace, infrastructure and cybersecurity capabilities.
In addition, NTT Research, a division of NTT, announced a new joint research agreement with the University of California, Los Angeles and Georgetown University that will cover theoretical aspects of cryptography and a global-scale testbed for research into blockchain.
McAfee announces global Managed Detection and Response platform
The new platform will include threat hunting for proactively uncovering advanced attacks as well as stopping breaches; forensics and investigations for in-depth investigations of endpoint security alerts and incidents; and complete managed endpoint threat detection and response to address organizations that have limited to no security staff. More information is available here.
FireEye’s new cloud security updates
Intelligence-led security company FireEye announced new capabilities within its Helix platform as well as a new offering for collaboration tools.
For the Helix platform, the company is adding entity behavior analytics for quickly accessing profiles of users and entities, gaining visibility into threats with automated correlation on entities and alerts, and providing a more granular view on detections.
The new messaging security solution is available as an early access preview and designed to reduce the risk of a cyber attack by scanning objects and links shared in a collaboration tool like Microsoft Teams or Slack.
Other announcements included expanded cloud security offerings with Cloudvisory, and integration with detection on demand.