Zero-trust security management, extended detection and response (XDR), and a host of other threat and vulnerability management offerings are among the top products and services launched at Black Hat USA 2022 this week in Las Vegas.
Black Hat is an annual global conference of security professionals, enthusiasts, and vendors, serving as a stage for innovation in the field of cybersecurity. The exhibition and conference are held annually at venues in the US, Europe, Asia, and the Middle East, with Las Vegas being the largest event. Below are some of the more exciting product announcements that took place at the show this week.
Checkmarx API Security
Checkmarx API Security, available now, is a new application in the Checkmarx One application security platform. The application goes beyond monitoring api already deployed in production and addresses security issues early in the software development lifecycle, according to Checkmarx. Key features include the ability to automatically identify API endpoints; discovery of newly created or updated APIs as developers verify or compile source code; automatic comparison of an application’s APIs with its documentation to identify unknown APIs; and remediation capabilities designed to enable security professionals and developers to prioritize remediation of Open Web Application Security Project (OWASP) risks and API vulnerabilities.
Cybereason: Cybereason MDR
Cybereason MDR is a mobile managed detection and response application designed to provide security personnel with SOC-like control capabilities that enable them to reduce mean time to remediation by suspending lateral movement of an attack. The application uses a Malicious Operations (MalOp) detection engine to generate detailed intelligence for an active hacking operation, how it maps to the MITER ATT&CK framework, and its threat level. The Cybereason MDR Mobile app will be available later this month on both the Appstore and Playstore.
Cycode: New Supply Chain Security Features
Software Composition Analysis (SCA), Static Application Security Testing (SAST), and container scanning are the latest capabilities in the new update to Cycode’s supply chain security management platform. All new components will be added to Cycode’s knowledge graph, which structures and correlates data from tools and phases of the software development lifecycle to enable developers and security professionals to understand risks and coordinate responses to threats. threats. A key feature of the knowledge graph includes the ability to coordinate security tools across the platform to perform tasks such as identifying when leaked code contains secrets such as API keys or passwords, in order to reduce risk.
Dynatrace: runtime vulnerability monitoring
Support for detection and protection of vulnerabilities in runtime environments, including Java Virtual Machine (JVM), Node.js, and .NET CLR, has been added to the Application Security Module in the software and infrastructure monitoring platform by Dynatrace. Additionally, Dynatrace has expanded its support for applications running on Go, a rapidly growing open source programming language developed at Google. The enhancements are intended to ensure better risk assessment, prioritization, and threat remediation and are scheduled to be available within 90 days.
Mimecast: Mimecast X1
Mimecast X1 is the latest update to Mimecast’s email and business communications security platform of the same name, offering greater understanding of how people collaborate and more advanced protection. Mimecast X1 will include four key enhancements over previous versions: machine learning capabilities for improved detection of emerging and unknown threats; new context-based data analytics, enabling cross-correlation analysis of new threats; an API ecosystem to enable integration with existing security systems, including SIEM (security information and event management), SOAR (security orchestration, automation, and response), EDR (endpoint detection and response), and XDR products; and what the company calls a service framework: a cloud-native system designed to gain insight into user behavior that can help speed detection and response to threats.
NetRise: IoT Threat Detection
NetRise has released its first product, also called NetRise, a cloud-based SaaS application that provides insight into shared vulnerabilities in XIoT firmware images across an organization. XIoT, or Extended Internet of Things (internet of things), refers to all the physical and software assets that an organization has connected to the Internet. The new product aims to provide complete visibility into all IoT products used within an organization by continuously monitoring firmware for vulnerabilities, compliance compliance, software bill of materials (SBOM), misconfigurations and general risks. Through a recent partnership with Fortress Information Security (FIS), NetRise hopes to bring its new firmware analysis platform to existing global FIS customers.
Mi-X is a free, open source tool from Rezilion designed to allow the cybersecurity community to assess whether a given vulnerability is exploitable. Available now as a download from the Github repository, it is a command line interface (CLI) tool that can help researchers and developers know if their containers and hosts are affected by a specific vulnerability, allowing organizations prioritize their remediation plans. Rezilion says that Mi-X works by first identifying and establishing the exploitability of a known critical CVE and then goes on to provide a detailed view of the exploitability criteria and the area of exploitation.
Sentinel One: Ingest XDR
XDR Ingest is a free tool for Sentinel One Extended Detection and Response (Singularity XDR) customers, designed to ingest, retain, correlate, search, and take action on all enterprise security data, both real-time and historical. XDR Ingest, available now, provides customers with data unification and an alternative to the costs and limitations of traditional SIEM products, the company said. XDR Ingest works with Sentinel One’s DataSet data analytics application to provide an integrated data analytics engine for logging data of all types at petabyte scale.
Sysdig: CDR(cnoisy detection and response)
Sysdig’s CDR (Cloud Detection and Response) is a cryptojacking protection offering designed to protect against unauthorized use of computing resources to mine cryptocurrencies. Sysdig CDR selects rules based on machine learning algorithms to detect hidden and ignored threats and gain better visibility into containers. Sysdig says that the machine learning algorithms used are trained to recognize cryptocurrency mining patterns and avoid unexpected cloud fees from hijacked mining. CDR is now available to new and existing Sysdig Secure customers at no additional cost.
Syxsense: Syxsense Zero Trust
Syxsense Zero Trust is a new application within the Syxsense family of endpoint management and security products that aims to enable endpoint compliance with zero trust network access (ZTNA) policies. The new app heralds improvements over traditional endpoint products with the ability to assess device health, ensure granular policy enforcement, and automate risk compliance, according to Syxsense. Additionally, it streamlines endpoint visibility through a single software agent and provides custom policy configuration parameters for each individual corporate asset. Syxsense Zero Trust will be available for purchase in late September 2022.
Tidal Cyber: Community Edition
Tidal Cyber has released a free community edition of its SaaSTidal Threat Defense Platform. Key capabilities include: adversary behavior hunting designed to enable security analysts to quickly investigate ATT&CK (adversarial tactics, techniques, and common knowledge) threat elements; a product registry, which lists vendor-supplied security product capabilities that can be used against specific adversary behaviors; knowledge base tags, which can be used by security personnel to explore relationships between threat objects that are most relevant to their organization; and custom techniques, intended to allow security experts to group specific techniques and sub-techniques together with custom tags, to track and communicate new threat research. The Tidal Cyber Community Edition can be downloaded from www.tidalcyber.com/communityedition
Copyright © 2022 IDG Communications, Inc.