Americas

  • United States

Asia

Oceania

by CSO Staff

Most interesting products to see at RSA Conference 2023

Feature
Apr 25, 202311 mins
Emerging TechnologyRSA ConferenceSecurity

These are the tools, platforms, and services that the CSO team recommends RSA Conference attendees check out.

Security professionals attending this year’s RSA Conference expect to learn about new tools, platforms, and services from the 600-plus vendors exhibiting there. That’s a lot of ground to cover, so CSO has sifted through the upcoming announcements and gathered the products and services that caught our eye here.

More announcements will be made throughout the event, and CSO will update this article as their embargoes break. We’ve organized the listings by day of announcement.

RSA Conference announcements, pre-event

Binary Defense Phishing Response service

Managed detection and response (MDR) firm Binary Defense will be showing its new Phishing Response service. Its features include email attack surface hardening, intelligence correlation, threat hunting, and investigation-based detection and remediation recommendations. Users may submit emails and phishing alerts from third-party email protection software for analysis. Findings from that analysis are then correlated with other threat intelligence, and then Binary Defense analysts look for evidence of this attack. Binary Defense is at RSAC booth 5415.

Cycode Application Security Orchestration and Correlation

Cycode Application Security Orchestration and Correlation (ASOC) automatically discovers tools across the entire software development life cycle (SDLC). It then analyzes and correlates the tools’ data to identify vulnerabilities across different modules, deduping and prioritizing them by risk. Cycode will be at RSAC booth 6471.   

Darwinium Continuous Customer Protection platform

Darwinium’s Continuous Customer Protection platform closes the gaps between digital security and fraud prevention silos with continuous visibility and control across customer interactions over web, mobile, and APIs. The SaaS offering manages sensitive customer data by identifying, encoding, and encrypting data on the edge. Once analyze, the platform stores customer data within an organization’s own infrastructure with its own keys in compliance with major privacy regulations. Darwinium will be at RSAC Early Stage Expo booth ESE-38.

eSentire Cloud Workload Protection Platform and Cloud Security Posture Management with Lacework

The cloud-native eSentire Cloud Workload Protection Platform (CWPP) with Lacework provides continuous build- to run-time threat detection and behavioral anomaly detection across multi-cloud environments, workloads, accounts, containers, and Kubernetes. eSentire Cloud Security Posture Management (CSPM) with Lacework continually assesses cloud environments for misconfigurations, suspicious behavior, and changes in cloud operations. Both are offered as individual services. eSentire will be at RSAC booth 535.

Inside-Out Defense privilege access abuse detection and remediation platform

Inside-Out Defense is a SaaS, agentless privilege access abuse detection and remediation platform. It works with identity and access management (IAM), privilege access management (PAM), and custom identity solutions. The platform helps identify gaps between known and unknown abuse behaviors. It can detect and stop malicious behavior through a kill switch, and the platform provides a full profile of malicious access requests including context and intent. Inside-Out Defense will be at RSAC Early Stage Expo booth 11.

Lumu for SecOps

Lumu for SecOps is built to help security teams identify and respond to network threats. It offers incident sort and search capabilities by indicators of compromise, attack type, malware family, and business impact. The tool also provides performance reporting of compromise assessment, response timeframs, and remediation strategy. It integrates with many popular security solutions. Lumu will be at RSAC booth 5515.

Orca Security Cloud to Dev

Orca Security has added its Cloud to Dev capability to its cloud-native application protection program (CNAPP) platform. It automatically traces cloud security risks found in production to the origin code and the developer that owns it. If it discovers a vulnerability in, say, a running container, the platform identifies the source code repository and the Dockerfile and its owner responsible for adding the vulnerable package. Orca will be at RSAC booth 527.

Securonix Unified Defense SIEM

Securonix Unified Defense SIEM provides up to a year of “hot” data via the Snowflake Data Cloud for fast search and investigation, threat content-as-a-service, proactive defense with continuous peer and partner collaboration, and unified Threat Defense Investigation Response (TDIR). Securonix will be at RSAC booth 6170.

Veracode Fix

The AI-powered Veracode Fix uses the same machine learning model as ChatGPT to recommend remediations for code and open-source dependency vulnerabilities. It is trained — the transformer architecture – and is trained on the company’s own dataset of software flaws from 17 years of research. Veracode with be at RSAC booth 967.

RSA Conference announcements, April 24

Akamai Brand Protector

Akamai Technologies’ Brand Protector inspects trillions of digital activities a day across internal and external sources to discover abuse of an organization’s brand. Use cases the company cites for Brand Protector include fake goods sales, identifying phishing sites, and controlling unauthorized use of brand elements. The solution monitors traffic on malicious websites to detect brand abuse, which security teams can view through a single dashboard view. Brand Protector includes a take-down service. Akamai will be at RSAC booth 6070.

Caveonix Cloud 5.0 platform

Caveonix Cloud 5.0 is designed to provide continuous protection of applications built on containers, cloud-native services, and traditional three-tiered architecture. The platform is based on Caveonix’s DefenseBot technology to provide real-time protection and prioritized insights. It is also capable of enforcing zero-trust implementation policies. Cloud 5.0 provides a fully integrated eGRC and AI-powered Cloud Native Application Protection Platform (CNAPP) with Cloud Security Posture Management (CSPM), and Cloud Workload Protection Platform (CWPP). Caveonix will be at RSAC booth 5384.

Cisco Extended Detection and Response

The cloud-first Cisco Extended Detection and Response (XDR) solution is designed to work in a hybrid, multi-vendor, multi-threat landscape. It automatically prioritizes and remediates security incidents more efficiently. Cisco claims its XDR solution applies analytics to prioritize detections so SOC teams can focus on the highest priority incidents. Cisco XDR integrates with leading third-party vendors to share telemetry and increase interoperability. Cisco will be at RSAC booth 5845.

Cybersixgill attack surface management

Cybersixgill has added an attack surface management (ASM) module to its cyber threat intelligence platform. It is designed to provide real-time insights into an organization’s external threat exposure. The ASM module identifies exposures across known and unknown externally facing enterprise assets and prioritizes treatment according to threat urgency, and impact severity. Cybersixgill will be at RSAC booth 5372.

Flashpoint Ignite

Flashpoint Ignite is an intelligence platform that provides risk mitigation and prevention across cyber threat intelligence, vulnerability management, national security, and physical security teams. Ignite offers search capabilities that allow users to find relevant conversations and context quickly. It offers text, video, and image optical character recognition (OCR); rule-based alerting; news-style finished intelligence reports; personalized dashboards; and easy access to requests for information. Flashpoint will be at RSAC booth #4404.

IBM Security QRadar+ suite 

The IBM Security QRadar+ suite is a rearchitecting of its threat detection and response portfolio. It includes EDR/XDR, SIEM, SOAR, ­and a new cloud-native log management capability built around a common user interface designed to allow analysts to view and investigate across the entire attack chain. QRadar+ is delivered as a service on AWS and is built around an open foundation. It has an extensive partner ecosystem and more than 900 pre-built integrations. IBM will be at RSAC booth 5658.

Paladin Cloud SaaS cloud security platform

Paladin Cloud’s new SaaS cloud security platform is designed to help organizations identify and visualize cyber assets and security controls. It also monitors cloud environments for vulnerabilities, misconfiguration, and security risks. The platform maintains a real-time cyber asset inventory, allowing CISOs and security teams to discover and visualize their attack surface, and offers agentless cloud monitoring and alerting capabilities coupled with third-party integrations into widely deployed enterprise systems. Paladin Cloud will be at RSAC Early Stage Expo both 1.

Proofpoint Supplier Threat Protection, TAP ATO, Proofpoint Spotlight Cross Domain & Trust Visibility, and Privacy by Design Data Loss Prevention

Proofpoint announced new capabilities to stop malicious email attacks, detect and prevent identity-based threats, and defend sensitive data from theft, loss, and insider threats. The new features are available in the company’s Aegis Threat Protection, Identity Threat Defense, and Sigma Information Protection platforms. Supplier Threat Protection helps organizations detect and prioritize compromised supplier accounts. Targeted Attack Prevention Account Takeover (TAP ATO) provides visibility across the email account takeover attack chain. Spotlight Risk Analytics allows users to gain an executive view of an organization’s risk trends as well as exposure across various risk categories and risk exposure levels. Spotlight Risk Analytics simplifies decision makers’ workload while ensuring organizational leaders can make informed decisions to remediate modern and sophisticated identity risks. Proofpoint Spotlight Cross Domain & Trust Visibility provides insight to where Active Directory domains across companies have too much bi-directional trust. Privacy by Design Data Loss Prevention allows organizations to mask sensitive data in the console to limit its exposure and create custom data access policies to address privacy and compliance needs. Proofpoint will be at RSAC booth 6253.

SentinelOne AI threat hunting platform

SentinelOne’s new threat hunting platform integrates multiple layers of AI technology to deliver real-time, autonomous response to attacks across the entire enterprise. Real-time, embedded neural networks and a large language model (LLM)-based interface enable security teams to ask complex threat and adversary-hunting questions and run operational commands to manage their entire enterprise environment using natural language. SentinelOne will be at RSAC booth 626.

Torq Hyperautomation Platform

Torq claims its Hyperautomation Platform automates all workflows and processes across the enterprise security infrastructure. It also offers GPT AI-based analytics capability for auto-analyzing cybersecurity incidents, making strategic responses, and informing immediate and long-term defensive measures. The platform enables security professionals to quickly create and deploy complex, sophisticated workflows. Torq will be at RSAC booth 4340.

RSA Conference announcements, April 25

Akamai Prolexic network cloud firewall

Akamai Prolexic is a cloud-based DDoS protection platform that the company claims stops attacks before they reach applications, data centers and internet-facing infrastructure. According to Akamai, Prolexic has a mitigation capacity of 20 Tbps. The new network cloud firewall allows customers to define and adjust their access control rules and view analytics of existing ones. Akamai will be at RSAC booth 6070.

Apiiro Risk Graph Explorer

Apiiro Risk Graph Explorer helps application security and development teams identify and prevent gaps in their complex modern applications attack surface. An addition to Apiiro’s Cloud Application Security Platform, this new tool is designed to allow those teams to explore complex components, their connections, associated risks, and changes over time without manual investigations. Apiiro will be at RSAC booth 567.

BigID BigAI large language model

BigID’s BigAI is a large language model (LLM) designed for data security, governance, and risk management initiatives. The company claims its new artificial intelligence offering bridges the gap between data insights and action by providing accurate data insight and actionable intelligence across an organization’s data environment. BigAI uses a security- and privacy-by-design approach using BigID’s own private models and servers, so no data is shared with public models. BigID will be at RSAC booth 5219.

Eclypsium Supply Chain Security Platform

The Eclypsium Supply Chain Security Platform is designed to allow IT security and operations teams to continuously identify and monitor software bills of materials (SBOMs), integrity, and vulnerability of components and system code in each device. It generates an SBOM for each component and system code in enterprise devices in an industry-standard format. Eclypsium will be at RSAC booth 226.

Graylog Security 5.1

Graylog Security 5.1 brings new incident investigation and enhancements to the cybersecurity platform. It allows security teams to collect and organize datasets, reports, and other contexts while investigating a potential incident or issue. The Graylog 5.1 workspace also tracks the status and progress of any new or existing investigations. Other features include the ability to compile notes during an investigation, assign investigations and collaborate with colleagues, and save investigation information for future reference. Graylog Security will be at RSAC booth 6583.

SentinelOne Singularity Security datalake

SentinelOne Singularity Security Datalake is a unified security data platform that the company claims delivers results up to 10 times faster than legacy SIEM offerings at a lower data costs. The cloud-native solution provides a view into security data across endpoints, workloads, devices, and other sources with the intent to help organizations uncover threats and respond to them in real-time. SentinelOne will be at RSAC booth 626.

Sumo Logic Cloud SIEM update

Sumo Logic has announced new capabilities for its Cloud SIEM platform. Native UEBA features deliver what the company claims are transparent, configurable, and tunable detection and base-lining. Cloud SIEM Automation Service combines cloud SOAR with cloud SIEM, allowing security analysts to automate data more efficiently from alerts, telemetry, and enrichment. Cloud SIEM Insight Trainer applies machine learning to understand patterns in the data and automatically suggests detection logic severity and tuning adjustments. Sumo Logic will be at RSAC booth 5151.