10 Hot New Cybersecurity Tools Announced At RSAC 2024
Major vendors including Cisco, Splunk, Google Cloud and IBM unveiled new security products Monday to kick off RSA Conference 2024.
RSAC Hot Products
RSA Conference 2024 is just getting underway in San Francisco and, already, an array of new cybersecurity products have been unveiled by major vendors. We’re featuring 10 of the new security tools announced Monday, which caught our attention as new entrants into fast-growing segments of the cybersecurity market.
It’ll come as no shock that generative AI is once again featuring heavily in the announcements of new cybersecurity products, making this the second consecutive RSAC where GenAI will be a central topic. But based on the products announced so far — including by vendors such as Cisco, Splunk, Google Cloud and IBM — it’s clear that AI will be just one of many key themes under discussion among the tens of thousands gathering in and around the Moscone Center this week.
[Related: The 20 Hottest AI Cybersecurity Companies]
Threat intelligence firm Recorded Future is among the cybersecurity vendors that debuted new GenAI-powered product capabilities Monday in connection with RSAC. “I think RSA continues to be one of the best events to showcase the innovation and the impact that we have with our customers,” said Colin Mahony, president of Recorded Future, in an interview with CRN.
Other AI-powered security tools unveiled Monday at RSA Conference 2024 included an offering from a startup, Cranium, that provides protection against attacks that target Microsoft’s widely used GenAI tool, Copilot for Microsoft 365.
Meanwhile, other cybersecurity product companies introduced new tools and capabilities at RSAC Monday in hot areas such as security operations, threat intelligence and application security. In the realm of security operations, Cisco unveiled a much-awaited integration for its XDR (extended detection and response) platform with SIEM (security information and event management) technology from Splunk, which Cisco acquired in mid-March for $28 billion. The integration between Cisco XDR and Splunk’s SIEM platform was accomplished “as fast as we possibly could,” said Tom Gillis, senior vice president and general manager of Cisco’s Security Business Group, in an interview with CRN. Additionally, Splunk introduced a new offering of its own Monday in connection with the start of this year’s RSA Conference.
RSAC 2024 takes place this week from Monday, May 6, through Thursday, May 9, and CRN will be on hand to interview top executives and scope out the show floor.
What follows are the details to know on 10 hot new cybersecurity tools announced so far at RSA Conference 2024.
Google Threat Intelligence
At RSAC 2024, Google Cloud announced the launch of its newly unified threat intelligence service, based on the integration of threat intel capabilities from Mandiant, VirusTotal and Google itself. The result is Google Threat Intelligence, which provides improved correlation of threats by combining and analyzing these three massive sources of telemetry, said Eric Doerr, vice president of engineering for Google Cloud Security.
While Mandiant, Google and VirusTotal each have long brought a strong track record for threat intelligence individually, “when you add them together, they’re even more valuable. The correlation makes [threat intelligence] more actionable,” Doerr told CRN. For instance, “sometimes you’ll see threats that you couldn’t see without the triangulation across these data points,” he said.
Google Threat Intelligence ultimately represents a major advancement in the space, Doerr said. The service can be licensed as a standalone offering, he noted, though it’s also “deeply integrated” into the Google Security Operations platform (formerly Google Chronicle Security Operations). As part of Google SecOps, the new Google Threat Intelligence offering will enable use cases such as automated threat hunting — “where we see a new threat [that’s] present in your environment, and we flag that for you. You don’t have to do anything,” Doerr said. “That kind of thing is really magic.”
Cisco: XDR, Splunk, Hypershield, Duo Updates
Cisco Systems is announcing a number of product updates at RSAC 2024, including a major advancement related to its acquisition of security operations stalwart Splunk. First announced at last year’s RSAC, Cisco’s XDR (extended detection and response) platform is getting a big boost through a much-awaited integration with Splunk’s systems. “Splunk has the broadest context of any security tool in [our] inventory,” said Tom Gillis, senior vice president and general manager of Cisco’s Security Business Group. “Splunk sees systems that XDR will not see.” By feeding Splunk’s telemetry into Cisco XDR — which provides greater capabilities for spotting potential threats in real time — Cisco will be able to provide an unprecedented level of detection and response, Gillis said.
Other major updates announced Monday by Cisco included the addition of new functionality to its recently debuted Hypershield architecture, which will now be endowed with capabilities for detecting and stopping attacks exploiting unknown vulnerabilities. Meanwhile, Cisco also unveiled new features for Duo Security, which will remove the need for users to continually authenticate by keeping track of sessions at the operating system level, Gillis said.
Splunk: Asset and Risk Intelligence
In addition to the newly announced integration with Cisco’s XDR (extended detection and response) platform, Cisco-owned Splunk also unveiled a new offering of its own Monday in connection with RSAC 2024. The company announced its newest tool for Security Operations Center (SOC) teams, Splunk Asset and Risk Intelligence, which aims to improve visibility into security risks through correlating and aggregating data from numerous devices, tools and environments. The offering ultimately makes it possible to “provide a continually updated inventory of assets and identities,” Splunk said in a news release. Other key functionality includes capabilities for mapping the relationships between identities and assets to accelerate the pace of security investigations, as well as “out-of-the-box and customizable dashboards and metrics” to enable improved compliance and posture, the company said in the release.
Recorded Future AI Updates
Threat intelligence specialist Recorded Future announced a number of updates Monday to its product portfolio, including what the company says are unique new capabilities for its Recorded Future AI offering. New features include AI Conversation, which enables threat analysts to pose questions to the company’s Intelligence Graph with text prompts, Recorded Future said. A second new feature, AI Insights, allows analysts to generate summaries from massive amounts of data, the company said. “I think it’s a huge boost to threat intel,” said Colin Mahony, president of Recorded Future. The benefits are significant to threat analysts of being able to access information more efficiently and engage more interactively with the platform through simple text-based questions, Mahony said.
Meanwhile, Recorded Future also debuted a new capability for its Collective Insights offering that aims to provide a more holistic view for analysts, he said. The new feature “takes our external intelligence graph, takes this telemetry data, and actually brings the graph into the organization so that we can fully close the loop on the prevention aspect — and really tie it down to the specific actions,” Mahony said.
Additionally, Recorded Future introduced new and enhanced Intelligence Cards, which analysts can reference to “easily see the most important information as an analyst that you need during an actionable investigation,” he said. “You can get it all in one view.”
IBM X-Force Red: Testing Service For AI
At RSA Conference 2024, IBM announced a new offering Monday from its X-Force Red offensive security team. The offering, Testing Services for AI, aims to provide much-needed testing for the security of GenAI applications as well as machine-learning security operations pipelines and AI models. The X-Force Red team brings “deep expertise” in data science, penetration testing and, crucially, experience testing AI technologies for weaknesses that might be exploited by hackers, according to IBM. The service aims to simulate “the most realistic and relevant risks facing AI models today” — which included prompt injections, data poisoning, membership interference and adversarial evasion, the company said.
Code42: Incydr Source Code Protection
During RSAC 2024, Code42 introduced new capabilities for its Incydr data protection tool to secure against leaks and theft of source code. Code42 said the updates provide improved threat visibility through the detection of source code leakage and exfiltration, enabling organizations to halt the loss of their intellectual property. Key features include real-time monitoring for movement of source code in repositories across both corporate and destinations, the company said. The source code detection ultimately enables organizations to “maintain visibility across all clients, Integrated Development Environments (IDEs) and libraries” as well as “to trace files exfiltrated from corporate repositories,” Code42 said.
Cranium AI Exposure Management
Cranium, a startup focused on securing the use of AI in the enterprise, announced Monday the debut of its new Cranium AI Exposure Management offering. The product is the “first” exposure management tool that enables organizations to secure both the use of internal AI applications as well as third-party AI systems, according to the company. Key capabilities include identification of vulnerabilities within AI infrastructure, helping to enable penetration testing for threats to AI and GenAI applications as well as hardening of AI systems. The offering ultimately provides “unparalleled visibility across the organization’s AI ecosystems and insight to take precise and rapid action,” Cranium said in a news release.
ForAllSecure: Mayhem Dynamic SBOM
At RSAC 2024, application security testing firm ForAllSecure announced the launch of a new software bill of materials (SBOM) offering, with the debut of its Mayhem Dynamic SBOM. The offering stands out by assessing the actual behavior of an app “to find only real, exploitable vulnerabilities,” the company said in a news release. Key capabilities include attack surface mapping to help organizations prioritize risk, as well as enhanced supply chain security through identifying high-risk dependencies, according to ForAllSecure. Mayhem Dynamic SBOM ultimately provides benefits to both security teams and developers, including faster remediation and improved software quality, the company said.
1Password Enterprise Password Manager – Partner Edition
Following 1Password’s new global partner program unveiling in February, the password and access management platform provider announced Monday that it has debuted an MSP-focused version of its offering in beta. The “Partner Edition” of the 1Password Enterprise Password Manager is a “dedicated MSP solution,” aimed at providing improved efficiency for service providers, the company said in a news release. Key functionality includes multi-tenancy, a centralized management console and integrations with existing identity platforms, 1Password said. The offering also provides consumption-based billing as well as a “streamlined” system for billing, licensing and audit reporting, according to 1Password.
OpenText cyDNA
OpenText used the kickoff of RSAC 2024 to unveil a new threat intelligence offering, cyDNA, which the company said offers “unparalleled visibility” through enhanced analysis of web traffic both within organizations and in their supply chains. As a result, OpenText cyDNA is able to deliver “actionable insights into threat origins and targets – tracking threat actors across an organization’s assets and identifying adversaries such as criminal organizations or nation states,” OpenText said in a news release. OpenText cyDNA thus “represents a significant step forward in adversarial signals threat intelligence,” the company said in the release.