Themed the Art of Possible, the 2024 RSA Conference takes place between 6 and 9 of May and will offer insights into the latest trends, how to master new skills, and more. More than 640 vendors will exhibit their new products at the expo and CSO has sifted through the upcoming announcements and gathered the products and services that caught our eye.
That list is here, presented in the order they were announced. Watch this space for new additions as they become available.
RSA pre-conference announcements
Commvault Cloud Cleanroom Recovery
Commvault will showcase its Cloud Cleanroom Recovery, an isolated environment designed to test and strengthen cyber resilience. It functions as a classroom to share knowledge with teams about unknown threats and a strategic war room for crafting realistic plans to tackle new compliance challenges. While Cleanroom Recovery typically exists in the cloud, Commvault will be doing a physical demonstration. Cleanroom Recovery capabilities allow organizations to test organization’s cyber recovery plans and backup production systems before an attack occurs, recover data and applications automatically, and rebuild digital infrastructure after cyber incidents. Commvault will be at RSAC booths 4308 and 5778.
Trend Micro zero trust security access AI gateway
Trend Micro has revealed new capabilities to its Trend Vision One, Zero Trust Secure Access
(ZTSA) controls for AI service use. The AI gateway is designed to protect the end user journey when accessing public or private generative AI services. Specifically, it includes centralized management of employee access and usage of AI applications, prompt inspection to prevent data leaks and malicious injections, content filtering to meet compliance requirements and defense against large language model (LLM) attacks.
Adaptive Shield SaaS security for generative AI
Adaptive Shield SaaS Security Posture Management (SSPM) detection and response capabilities for AI-driven applications is designed to enable enterprises to mitigate the risks introduced by the growing use of generative AI. Some of the features include a security score for each application to help security teams pinpoint those with heightened risk levels; control AI-related security settings within SaaS applications to prevent data leakage or any exposure; discovery and management of shadow apps; management of 3rd party longtail ai-sanctioned apps, securing homegrown applications and data management. Adaptive Shield will be at RSAC booth 1455.
Bugcrowd AI penetration testing
Bugcrowd added AI penetration testing to its security platform. The addition is designed to help AI adopters detect common security flaws before threat actors take advantage. It helps uncover common flaws in prompt injection, training data extraction, data poisoning, and other types of attacks, using a testing methodology based on its open-source Vulnerability Rating Taxonomy. It does this by finding and fixing common issues; tests target, scope and use cases; checks for vulnerabilities in the OWASP Top 10 for LLMs, along with others; and offers curated pentester teams. Bugcrowd will be at RSAC booth 2245.
Legit Security software compliance attestation trust center
Legit Security introduced a software compliance attestation trust center, which by using frameworks such as SLSA, PCI DSS, SOC2, and ISO 27001, helps teams quickly assess the state of a software security program to identify gaps that create risk. The trust center also supports new CISA requirements. It includes out-of-the-box controls and automated validation, customizations defined by customers to enable precise compliance reporting, captures and enables users to export required data by using compliance frameworks to determine status when attesting to CISA or other security frameworks, continuous compliance and faster remediation and new dashboard and reporting capabilities. Legit Security will be at RSAC booth 0232.
Dope.security cloud access security broker
Dope.security’s CASB Neural is a cloud access security broker (CASB) powered by deep learning AI. The product utilizes LLMs to restrict risky SaaS usage and improve DLP by identifying and comprehending externally shared sensitive documents. CASB Neural is designed to identify, extract and understand all externally shared files and display an LLM-generated classification summary when content is sensitive. This enables organizations to identify exposed sensitive data and enables customers to review and/or unshare the data.
Orca Security, ModePUSH digital forensics
Orca Security in partnership with ModePUSH launched cloud digital forensics and incident response services designed to enable organizations to quickly understand and respond to breaches or compromises across their cloud estates and application layers. This is done by using intelligence from the Orca Cloud Native Application Protection Platform (CNAPP).
The integrated capabilities combine data from Orca’s SideScanning snapshots with cloud provider audit logs and third-party agents to detect suspicious activity, potential compromises, or advanced threats. Orca Security will be at RSAC booth 1627.
Sevco updates security platform
Sevco Security has updated its platform with new capabilities that proactively prioritize, automate, and validate the remediation of exposures, including software and environmental vulnerabilities like missing security tools and IT hygiene issues. A new remediation analytics dashboard enables security leaders to view detailed real-time tracking of issues by date with timestamps when issues surface, when action is taken, and when remediation is complete. Cybersecurity teams gain quantifiable insights to manage remediation programs, highlighting where efforts are working and where they aren’t.
Semperis adds ML to identity threat detection and response
Semperis Lightning Identity Runtime Protection (IRP) is an identity threat detection and response (ITDR) product that uses machine learning models to detect widespread and successful attack patterns such as password spray, credential stuffing, other brute force attacks, and risky anomalies. Part of the Semperis Lightning platform, IRP uses algorithms trained on Semperis’ experience to detect sophisticated identity attacks. Semperis CEO Mickey Bresman will be on The Cost of Innovation: Complexities of Software Regulation panel on Tuesday, May 7.
Halcyon Ransomware Warranty program
Halcyon’s Ransomware Warranty program complements the vendor’s ransomware protection offer a step further, with the promise that for any attacks that bypass its defence system Halcyon will provide incident response and recovery services, minimizing downtime and impact on business operations. The level of professional services provided is based on the number of purchased endpoint licenses during the warranty period. The warranty covers all endpoints within the customer’s protected environment where Halcyon’s anti-ransomware solution is operational. To be eligible, organizations must maintain an active Halcyon subscription, ensure their endpoints are in a Blocking Security Posture, and comply with Halcyon’s Subscription Services Agreement. Halcyon will be at RSAC booth 3324.
RSA conference announcements, 6 May
Splunk Asset Risk and Intelligence
Splunk Asset Risk and Intelligence was designed to help SOC teams to simplify compliance, reduce risk and sources of shadow IT across cloud, hybrid, on-prem and IoT systems. Some of its features include enhanced visibility that enables the correlation and aggregation of data from various sources to provide a continually updated inventory of assets and identities, eliminating duplicate or stale data for more accurate, comprehensive asset insights, reducing risk exposure. Accurate investigations that allows security operations teams to map relationships between assets and identities to expedite investigations. Optimized compliance posture that provides out-of-the-box and customizable dashboards and metrics to assess and enhance compliance and security posture, and proactively identify assets lacking critical security controls using compliance framework controls. Splunk will be at RSAC booth 5457.
ForAllSecure Mayhem Dynamic SBOM
ForAllSecure software bill of materials (SBOM) Mayhem Dynamic uses runtime profiling to go through applications’ behavior and find exploitable vulnerabilities as they run. Mayhem Dynamic has attack surface mapping building a runtime profile of the application as it runs, showing a picture of the CVEs reachable in an application. It includes supply chain security to protect dependencies by identifying dependencies that pose the most risk and highlight unused third-party components. And SSDF compliance to simplify compliance with runtime data generating attestations and justifications. ForAllSecure will be at RSAC booth 1067.
Normalyze DSPM new features
Data security posture management vendor Normalyze will be showing new features during the conference. These include DSPM for AI, new scanning capabilities focused on identifying sensitive data being used in large language models (LLMs) to ensure that AI-generated content does not expose sensitive company information. It also helps secure your cloud-based AI deployments in AWS Bedrock and Azure OpenAI by detecting any sensitive data being fed into the foundational or custom models, according to Normalyze. DSPM for on-premise to help teams get visibility and control of sensitive data in non-cloud data centers, Normalyze supports both self-managed as well as cloud-based deployments of scanners to scan on-premises data.
Other news from Normalyze include specialized API for LLM Security; enhance precision with adaptive feedback validation workflows, learning capability that improves classification accuracy and remediation recommendations based on user feedback and actions ; expanded Optical Character Recognition (OCR) with increased support for OCR to better recognize and classify text within scanned documents or images. And Snowflake customers can now apply advanced tools for automated data discovery and classification, precise access management via the Data Access Graph. Normalyze will be at RSAC booth 6476.
Team Cymru investigation and threat hunting software
Team Cymru Pure Signal Scout Insight is an investigation and threat hunting tool designed to help SOC teams, incident responders, and threat analysts identify and track malicious entities on the internet. It uses generative AI capabilities to deliver better insights quickly along with added contextual details, according to Team Cymru. It claims to make threat hunting and triage activities accessible to analysts of all experience levels. It integrates into existing workflows such as Splunk. It feeds intelligence directly into SIEM and SOAR. Team Cymru will be at RSAC booth 6559.