Zero Trust Security Management, Extended Detection and Response (XDR), and a host of other threat and vulnerability management offerings were among the top products and services launched at Black Hat USA 2022 this week in Las Vegas.
Black Hat is an annual global conference of security professionals, enthusiasts, and vendors, serving as the stage for cybersecurity innovation. The expo and conference are held annually at venues in the United States, Europe, Asia and the Middle East, with Las Vegas usually being the largest event. Below are some of the more exciting product announcements that took place at the show this week.
Checkmarx API Security
Checkmarx API Security, available now, is a new application from the Checkmarx One application security platform. The app goes beyond monitoring APIs already deployed in production and addresses security issues early in the software development lifecycle, according to Checkmarx. Key features include automatic identification of API endpoints; discovery of newly created or updated APIs as source code is checked in or compiled by developers; automatic comparison of an application’s APIs with its documentation to identify unknown APIs; and remediation capabilities designed to enable security professionals and developers to prioritize remediation of API vulnerabilities and Open Web Application Security Project (OWASP) risks.
Cybereason: Cybereason MDR
Cybereason MDR is a managed detection and response mobile application designed to give security personnel SOC-like control capabilities that allow them to reduce mean time to resolution by suspending the lateral movement of an attack. The app uses a Malicious Operation Detection Engine (MalOp) to generate detailed intelligence about an active hacking operation, how it maps to the MITRE ATT&CK framework, and its threat level. The Cybereason MDR Mobile app will be available later this month on the App Store and Play Store.
Cycode: New Supply Chain Security Features
Software Composition Analysis (SCA), Static Application Security Testing (SAST) and Container Analysis are the latest features in the new update to Cycode’s supply chain security management platform. All new components will be added to Cycode’s knowledge graph, which structures and correlates data from tools and software development lifecycle phases to enable programmers and security professionals to understand risks and coordinate responses to threats. A key function of the Knowledge Graph is the ability to coordinate security tools on the platform to perform tasks such as identifying when leaked code contains secrets such as API keys or passwords, in order to reduce risk.
Dynatrace: Runtime Vulnerability Monitoring
Support for detecting and protecting against vulnerabilities in runtime environments, including Java Virtual Machine (JVM), Node.js, and .NET CLR, has been added to the Application Security module in Dynatrace’s software and infrastructure monitoring platform. Additionally, Dynatrace has extended its support for applications running in Go, a rapidly growing open-source programming language developed by Google. The enhancements are intended to provide better risk assessment, threat prioritization and remediation and are expected to be available within 90 days.
Mimecast: Mimecast X1
Mimecast X1 is the latest update to Mimecast’s corporate communications and email security platform of the same name, delivering better insights into how people work together and more advanced protection. Mimecast X1 will include four key improvements over previous versions: machine learning capabilities for more advanced detection of emerging and unknown threats; new contextual data analytics, enabling cross-analysis of new threats; an ecosystem of APIs to enable integration with existing security systems, including SIEM (security information and event management), SOAR (security orchestration, automation and response), EDR (endpoint detection and response) and XDR products; and what the company calls a service framework, a cloud-native system designed to gain insights into user behavior that can help speed threat detection and response.
NetRise: detecting IoT threats
NetRise has launched its first product, also called NetRise, a cloud-based SaaS application offering shared vulnerability information across XIoT firmware images in an organization. XIoT, or extended internet of things (IoT), refers to all physical and software assets that an organization has connected to the Internet. The new product aims to provide complete visibility into all IoT products in use within an organization by continuously monitoring firmware to identify vulnerabilities, compliance status, software bill of materials (SBOM), misconfigurations and global risks. Through a recent partnership with Fortress Information Security (FIS), NetRise hopes to bring its new firmware scanning platform to existing global FIS customers.
Rezilion: Mi-X
Mi-X is a free open source tool from Rezilion designed to allow the cybersecurity community to assess whether a certain vulnerability is exploitable. Available now for download from the GitHub repository, it is a command-line interface (CLI) tool that can help researchers and developers find out if their containers and hosts are affected by a specific vulnerability, allowing organizations to prioritize their remediation plans. Rezilion says Mi-X works by first identifying and establishing the exploitability of a known critical CVE, then providing a detailed view of the exploitability criteria and area of exploitation.
SentinelOne: XDR Ingest
XDR Ingest is a free tool for SentinelOne Singularity XDR (extended detection and response) customers, designed to ingest, curate, correlate, search, and act on all enterprise security data, both real-time and historical. XDR Ingest, available now, offers customers data unification and an alternative to the costs and limitations of traditional SIEM products, the company said. XDR Ingest is powered by SentinelOne’s DataSet data analytics application, aiming to provide an integrated data analytics engine for log data of all types at petabyte scale.
Sysdig: CDR (cloud detection and response)
Sysdig’s CDR (cloud detection and response) is a cryptojacking protection offering designed to protect against the unauthorized use of computing resources to mine cryptocurrency. Sysdig CDR organizes rules based on machine learning algorithms to detect hidden and ignored threats and gain better visibility into containers. Sysdig says the machine learning algorithms used are trained to recognize cryptocurrency mining patterns and avoid unexpected cloud charges from hacked mining. CDR is already available to existing and new Sysdig Secure customers at no additional cost.
Syxsense: Syxsense Zero Trust
Syxsense Zero Trust is a new application in Syxsense’s family of endpoint security and management products that aims to enable endpoint compliance with zero trust network access (ZTNA). According to Syxsense, the new app heralds improvements over traditional endpoint products with the ability to assess device health, provide granular policy compliance and automate risk compliance. Additionally, it streamlines endpoint visibility through a single software agent and provides custom policy configuration settings for each individual enterprise asset. Syxsense Zero Trust will be available for purchase at the end of September 2022.
Tidal Cyber: Community Edition
Tidal Cyber has released a free community edition of its SaaS Tidal Platform based on threat defense. Key features include: adversary behavior research designed to allow security analysts to quickly investigate ATT&CK (adversary tactics, techniques, and common knowledge) threat elements; a product registry, listing the features of vendor-provided security products that can be used against specific adversary behaviors; knowledge base tags, which can be used by security personnel to explore the relationships between the threat objects most relevant to their organization; and custom techniques, intended to allow security experts to group specific techniques and sub-techniques with custom labels, in order to track and communicate new threat research. The Tidal Cyber Community Edition can be downloaded from www.tidalcyber.com/communityedition
Copyright © 2022 IDG Communications, Inc.