The RSA security conference kicked off earlier this week, bringing security professionals from around the world together in San Francisco, and online.
Here is a summary of some of the latest news from the event:
Google Cloud Security AI Workbench
This new security platform uses a large language model that is specifically designed for security use cases. According to Google, their aim with Security AI Workbench is to solve three top challenges in security: threat overload, toilsome tools, and the talent gap.
Capabilities of the Security AI Workbench include data isolation, data protection, sovereignty, and compliance support.
It also features an integration with Mandiant Threat Intelligence to alert about active breaches, and find, summarize, and respond to threats.
“While generative AI has recently captured the imagination, Sec-PaLM is based on years of foundational AI research by Google and DeepMind, and the deep expertise of our security teams. This work includes new efforts to expand our partner ecosystem to provide businesses with security capabilities at every layer of the cybersecurity stack. We have only just begun to realize the power of applying generative AI to security, and we look forward to continuing to leverage this expertise for our customers and drive advancements across the security community,” Google Cloud wrote in a blog post.
SentinelOne launches Singularity Security DataLake
The new offering provides a comprehensive view of an organization’s security data so that they can more quickly uncover and respond to threats.
It includes out-of-the-box integrations with network, firewall, email, and identity providers such as Armorblox, Aruba, Azure AD, Check Point, Cisco, Darktrace, ExtraHop, Fortinet, Mimecast, Netskope, Okta, Palo Alto Networks, Proofpoint, and Zscaler.
It also includes AI-powered anomaly detection, which eliminates the need for manual analysis.
CrowdStrike announces XDR for ChromeOS
According to CrowdStrike, this will be the first native XDR offering that is available for Chromebooks.
Data is presented in the CrowdStrike Falcon console along with the data from other devices. It will also offer the ability to automate notifications based on contextual insights.
“Across all verticals, Chromebooks are part of organizations’ PC fleets,” said Michael Suby, research VP at IDC. “In fact, our recent research shows that 16% of North American organizations have Chromebooks and we expect this percentage to increase. Lacking visibility into Chromebooks represents an open invitation to bad actors. CrowdStrike’s native, agentless integration into ChromeOS rescinds this invitation.”
Tenable One Exposure Management Platform adds support for on-premises and hybrid deployments
This is achieved through an integration with Tenable Security Center 6.1. With this update, customers will have greater flexibility over where they can deploy their vulnerability management assets.
“Visibility into cyber risk factors should be a right and not a privilege, and yet for too many organizations who only deploy on-premises vulnerability management solutions, there’s no way to truly see the full picture of where the greatest threats exist,” said Glen Pendley, chief technology officer, Tenable. “Tenable’s platform approach with Tenable One is continuing to expand its reach throughout the security stack and not only creating economies of scale but flexibility for customers as well.”
Sumo Logic announces several portfolio updates
Its UEBA anomaly detection tool has been updated to deliver greater transparency and flexibility.
It also announced Cloud SIEM Automation Service, which is a combination of Cloud SOAR and Cloud SIEM.
The company is also integrating ChatGPT into Cloud SOAR to help security analysts quickly identify best practices based on the documented incident management framework.
Proofpoint updates its security portfolio
Aegis Threat Protection Platform has been updated with capabilities that help proactively monitor third-party suppliers to discover whether they have been compromised, and that provide visibility into an email account takeover attack chain.
Identity Threat Defense was updated to add advanced risk analytics and trust visibility for companies with multiple domains which may have obtained too much bi-directional trust.
And finally, Sigma Information Protection Platform now has privacy-by-design data loss prevention that masks sensitive data in the console to limit exposure.
Zimperium Mobile-First Security Platform unveiled
The new platform is actually a merging of Zimperium Mobile Threat Defense (MTD) and Mobile Application Protection Suite (MAPS).
It provides users with a central location for managing their mobile application security and endpoint security solutions. It includes integrations with SIEMs, IAM, XDR, DevOps workflows, ticketing systems, GitHub Actions, and fraud systems.
“Today’s CISOs need to prioritize a mobile-first security strategy to stay ahead of attacks. There are a host of point solutions on the market for securing devices and applications, but none come together to provide an end-to-end platform to unlock the power of a mobile-powered business strategy,” said Shridhar Mittal, chief executive officer at Zimperium.