Themed the Art of Possible, the 2024 RSA Conference takes place between 6 and 9 of May and will offer insights into the latest trends, how to master new skills, and more. More than 640 vendors will exhibit their new products at the expo and CSO has sifted through the upcoming announcements and gathered the products and services that caught our eye.
CSO will update this article as more announcements become available. We’ve organized the listings by the day of the announcement.
RSA pre-conference announcements
Commvault Cloud Cleanroom Recovery
Commvault will showcase its Cloud Cleanroom Recovery, an isolated environment designed to test and strengthen cyber resilience. It functions as a classroom to share knowledge with teams about unknown threats and a strategic war room for crafting realistic plans to tackle new compliance challenges. While Cleanroom Recovery typically exists in the cloud, Commvault will be doing a physical demonstration. Cleanroom Recovery capabilities allow organizations to test organization’s cyber recovery plans and backup production systems before an attack occurs, recover data and applications automatically, and rebuild digital infrastructure after cyber incidents. Commvault will be at RSAC booths 4308 and 5778.
Trend Micro zero trust security access AI gateway
Trend Micro has revealed new capabilities to its Trend Vision One, Zero Trust Secure Access
(ZTSA) controls for AI service use. The AI gateway is designed to protect the end user journey when accessing public or private generative AI services. Specifically, it includes centralized management of employee access and usage of AI applications, prompt inspection to prevent data leaks and malicious injections, content filtering to meet compliance requirements and defense against large language model (LLM) attacks.
Adaptive Shield SaaS security for generative AI
Adaptive Shield SaaS Security Posture Management (SSPM) detection and response capabilities for AI-driven applications is designed to enable enterprises to mitigate the risks introduced by the growing use of generative AI. Some of the features include a security score for each application to help security teams pinpoint those with heightened risk levels; control AI-related security settings within SaaS applications to prevent data leakage or any exposure; discovery and management of shadow apps; management of 3rd party longtail ai-sanctioned apps, securing homegrown applications and data management. Adaptive Shield will be at RSAC booth 1455.
Bugcrowd AI penetration testing
Bugcrowd added AI penetration testing to its security platform. The addition is designed to help AI adopters detect common security flaws before threat actors take advantage. It helps uncover common flaws in prompt injection, training data extraction, data poisoning, and other types of attacks, using a testing methodology based on its open-source Vulnerability Rating Taxonomy. It does this by finding and fixing common issues; tests target, scope and use cases; checks for vulnerabilities in the OWASP Top 10 for LLMs, along with others; and offers curated pentester teams. Bugcrowd will be at RSAC booth 2245.
Legit Security software compliance attestation trust center
Legit Security introduced a software compliance attestation trust center, which by using frameworks such as SLSA, PCI DSS, SOC2, and ISO 27001, helps teams quickly assess the state of a software security program to identify gaps that create risk. The trust center also supports new CISA requirements. It includes out-of-the-box controls and automated validation, customizations defined by customers to enable precise compliance reporting, captures and enables users to export required data by using compliance frameworks to determine status when attesting to CISA or other security frameworks, continuous compliance and faster remediation and new dashboard and reporting capabilities. Legit Security will be at RSAC booth 0232.
Dope.security cloud access security broker
Dope.security’s CASB Neural is a cloud access security broker (CASB) powered by deep learning AI. The product utilizes LLMs to restrict risky SaaS usage and improve DLP by identifying and comprehending externally shared sensitive documents. CASB Neural is designed to identify, extract and understand all externally shared files and display an LLM-generated classification summary when content is sensitive. This enables organizations to identify exposed sensitive data and enables customers to review and/or unshare the data.
Orca Security, ModePUSH digital forensics
Orca Security in partnership with ModePUSH launched cloud digital forensics and incident response services designed to enable organizations to quickly understand and respond to breaches or compromises across their cloud estates and application layers. This is done by using intelligence from the Orca Cloud Native Application Protection Platform (CNAPP).
The integrated capabilities combine data from Orca’s SideScanning snapshots with cloud provider audit logs and third-party agents to detect suspicious activity, potential compromises, or advanced threats. Orca Security will be at RSAC booth 1627.
Sevco updates security platform
Sevco Security has updated its platform with new capabilities that proactively prioritize, automate, and validate the remediation of exposures, including software and environmental vulnerabilities like missing security tools and IT hygiene issues. A new remediation analytics dashboard enables security leaders to view detailed real-time tracking of issues by date with timestamps when issues surface, when action is taken, and when remediation is complete. Cybersecurity teams gain quantifiable insights to manage remediation programs, highlighting where efforts are working and where they aren’t.
Semperis launches identity threat detection and response
Semperis Lightning Identity Runtime Protection (IRP) is an identity threat detection and response (ITDR) product that uses machine learning models to detect widespread and successful attack patterns such as password spray, credential stuffing, other brute force attacks, and risky anomalies. Part of the Semperis Lightning platform, IRP uses algorithms trained on Semperis’ experience to detect sophisticated identity attacks. Semperis CEO Mickey Bresman will be on The Cost of Innovation: Complexities of Software Regulation panel on Tuesday, May 7.