Several companies announced new products at updates today at the RSA Conference in San Francisco.

ArmorCode

ArmorCode today announced the general availability of AI Correlation in the ArmorCode Application Security Posture Management (ASPM) Platform. ArmorCode AI Correlation is powered by the collective intelligence gained from deep analysis of over six billion processed findings and experiences of the thousands of security professionals that use the platform.  AI Correlation is one pillar of an AI-powered ASPM that leverages AI across correlation, prioritization, and remediation to
drive risk reduction for every enterprise.

ArmorCode AI Correlation leverages data fusion to enable security teams to identify and
correlate high-signal findings across scanning tools in never before possible ways, bringing
code and runtime analysis together through machine learning and natural language processing.
● For pre-production scanners on the left like SAST, ArmorCode provides a strong signal
that they have identified a real issue through correlation with scanners on the right.
● For runtime scanners on the right like DAST, ArmorCode shows security teams the root
cause of issues through correlation with scanners on the left, helping them identify the
source code and development owner much faster.
● For new AI-focused security scanners, ArmorCode helps organizations future proof and
embrace AI by correlating AI-scanner findings with scanned findings across the
organization.

Code42 Software 

Code42 Software has advanced its Incydr data protection product with new capabilities to see and stop source code leak and theft and ensure organizations can prevent potential breaches, without burdening developers or security analysts.

The Incydr product monitors source code movement in real-time across repositories, regardless of whether they are personal or corporate destinations. This ensures that organizations maintain visibility across all clients, Integrated Development Environments (IDEs), and libraries, and can monitor Git pull, clone, and fetch activity to trace files exfiltrated from corporate repositories.

With the Incydr Source Code Risk Dashboard, customers gain visibility of untrusted source code movement. Incydr’s new capabilities also uncover risky movement that is otherwise unknown. The system predicts the riskiest exfiltration attempts so that analysts can quickly detect and stop source code theft while ensuring teams can focus on addressing the most pressing threats.

HAProxy Technologies

HAProxy Technologies today announced the launch of HAProxy Enterprise 2.9 – a milestone release that defines a new security standard for application delivery.

HAProxy Enterprise 2.9 advances its security solution with next-generation WAF and bot management capabilities. This release also extends HAProxy Enterprise’s performance and flexibility to support real-time applications that use the UDP transport protocol that powers much of the modern web.

The release simplifies application delivery, enhances security, and boosts scalability. Key features include a next-generation Web Application Firewall (WAF), bot management, and UDP load balancing for time-sensitive applications

UDP is a connectionless protocol used for time-sensitive applications such as DNS lookups, streaming video, playing online games, and transporting log data. Load balancing is critical to providing reliable and performant application delivery.

Normalyze

Normalyze announced new platform capabilities that raise the bar for the Data Security Posture Management (DSPM) category, including:

  • DSPM for AI: New scanning capabilities focus on identifying sensitive data being used in Large Language Models (LLMs) like Microsoft Copilot or ChatGPT to ensure that AI-generated content does not expose sensitive company information. In addition, Normalyze also helps secure your cloud-based AI deployments in AWS Bedrock and Azure OpenAI by detecting any sensitive data being fed into the foundational or custom models.
  • Specialized API for LLM Security: Normalyze offers specialized APIs for LLM security that can be used to conduct real-time sensitivity analysis of data going into and out of LLMs, while providing full governance and visibility into your data usage. These APIs can be easily integrated into existing customer workflows, helping keep costs down and increasing security for services like Microsoft CoPilot.
  • For Snowflake customers: Snowflake customers can now apply advanced tools for automated data discovery and classification, precise access management via the Data Access Graph, and proactive risk monitoring to enhance their security measures across their Snowflake data landscape to support rigorous compliance protocols (e.g., FedRAMP, PCI-DSS, Snowflake CIS Benchmark).
  • Enhancing Precision with Adaptive Feedback Validation Workflows: New learning capabilities continuously improve classification accuracy and remediation recommendations based on user feedback and actions.
  • Expanded Optical Character Recognition (OCR): Increased support for OCR better recognizes and classifies text within scanned documents or images, improving data capture from diverse non-text formats.
  • DSPM for on-premise: Many teams grapple with large amounts of data still present in non-cloud data centers. To help teams get visibility and control of sensitive data in these data stores, Normalyze supports both self-managed as well as cloud-based deployments of scanners to scan on-premises data.

Splunk

Splunk, provider of cybersecurity and observability solutions, today announced Splunk Asset and Risk Intelligence, designed to power the SOC of the future by helping businesses streamline compliance, reduce cyber risk and eliminate the sources of shadow IT. This new addition builds upon Splunk’s robust security portfolio, which includes Splunk Enterprise Security, Splunk Attack Analyzer and Splunk SOAR.

Splunk Asset and Risk Intelligence enables organizations to take a more proactive approach to security and risk mitigation, ultimately helping them become more resilient:

  • Enhanced visibility: Enables the correlation and aggregation of data from various sources (e.g., network, endpoint, cloud, scanning tools) to provide a continually updated inventory of assets and identities, eliminating duplicate or stale data for more accurate, comprehensive asset insights, reducing risk exposure.

  • Accurate investigations: Allows security operations teams to map relationships between assets and identities to expedite investigations, enabling rich asset and identity context (e.g., network activity, associations, health) for faster security incident response.

  • Optimized compliance posture: Provides out-of-the-box and customizable dashboards and metrics to assess and enhance compliance and security posture, and proactively identify assets lacking critical security controls using compliance framework controls.

Splunk Asset and Risk Intelligence is now in early access and can be deployed and configured within the on-premises Splunk Enterprise or Splunk Cloud environment. It also seamlessly integrates with SIEM tool Splunk Enterprise Security.