The annual RSA Security Conference is one of the largest gatherings of the year for cybersecurity professionals, and the RSA 2020 event in San Francisco this week upheld that tradition, undeterred by global fears about the spread of coronavirus.
In many respects, the conference is about innovation, as security companies new and old battle emerging threats with the latest products designed to stop those threats. Here is our take on the hottest startups and products making news at RSA Conference 2020.
10 New Security Products at RSA 2020
In the lead up to the RSA Conference, many cybersecurity vendors announce new products. Then there are the many vendors that announce new technologies at the conference itself.
BlackBerry announced updates to its Spark platform for endpoint security that enables a zero trust architecture. The promise of zero trust is that credential compromise risks are minimized through continuous validation for authenticity.
“By validating user actions, the BlackBerry Spark platform continuously authenticates users to deliver a zero touch experience that improves security with no user interruption,” said Billy Ho, executive vice president of Enterprise Products at BlackBerry. “In this way, dynamic trust is maintained across all devices, networks, data, users, and apps.”
Cisco announced its new SecureX effort, which aims to bring together management and security operation of Cisco devices and services as well as those from partners.
“Cisco SecureX is a fundamental shift in the customers’ security experience by removing the complexity and providing one unified view on the state of customers’ security services and alerts,” said Gee Rittenhouse, SVP and GM of Cisco’s Security Business Group. “In doing so, security teams can become more efficient with resources and be a business enabler that propels the digital transformation forward.”
FireEye announced the availability of its FireEye Mandiant Threat Intelligence Suite, which comprises a number of curated threat intelligence subscriptions and services. The company also announced enhancements to its Helix platform to boost cloud security with entity behavior analytics.
“While offering great flexibility, the cloud also presents unique challenges, as we see every day when responding to security incidents,” said Grady Summers, EVP of Products and Customer Success at FireEye. “Heightened visibility across these platforms is absolutely key.”
Juniper announced new encrypted analytics capabilities for its Advanced Threat Prevention (ATP) Cloud and SRX Series firewalls, as well as the integration of SecIntel to the Mist platform for wireless access.
“This builds on our Connected Security strategy, adding to the capabilities announced in 2019 where we expanded SecIntel capabilities across our MX Series routers and QFX and EX Series switches to enable all users, applications and infrastructures to be safeguarded across all points of connection on the network,” said Samantha Madrid, Juniper’s VP of Security Business and Strategy.
McAfee announced updates to its cloud-native MVISION platform with the availability of Unified Cloud Edge (UCE), which provides unified data and threat protection from device level to the cloud.
McAfee also announced the acquisition of Light Point Security, an award-winning pioneer of browser isolation. Financial terms of the deal were not disclosed.
“The dispersion of data to the cloud, coupled with the myriad of devices available today, has forever changed how we protect critical assets,” said Ash Kulkarni, McAfee’s chief product officer. “To recognize the full potential of the cloud, IT needs to secure data in cloud services they do not own and on networks they do not operate.”
Menlo Security announced its new data poss prevention (DLP) technology, which uses the company’s Isolation Core technology to help limit the risk of data loss.
“As websites use dynamic, targeted content, a DLP solution that relies on network/proxy traffic will have severely degraded data visibility,” said Poornima DeBolle, co-founder and chief product officer at Menlo Security. “Unwilling to settle for trade-offs, we created the DLP solution that leverages our Isolation Core to provide perfect visibility to the DLP engine – something that cannot be achieved by DLP solutions without isolation.”
Open Cybersecurity Alliance
The Open Cybersecurity Alliance (OCA) announced the availability of OpenDXL Ontology, the first open source language for connecting cybersecurity tools through a common messaging framework. OCA is a multi-stakeholder effort that includes AT&T, IBM, McAfee, Packet Clearinghouse and Tripwire, among others.
“With the adoption of public cloud and explosion of connected devices, the ability for enterprises to quickly respond to threats across ever-changing technologies, and even beyond perimeters, is critical,” said Brian Rexroad, VP of Security Platforms at AT&T. “OCA is driving an industrial shift in interoperability with the OpenDXL Ontology to support security at scale.”
Palo Alto Networks
Palo Alto Networks announced its new Cortex XSOAR offering, which is the next generation of the Demisto platform acquired by the company last year.
“Both SOAR and threat intelligence management have developed over recent years as tools to help them, but existing product silos have led to even more manual work,” said Lee Klarich, chief product officer for Palo Alto Networks. “Bringing threat intel data into Cortex XSOAR means security orchestration just got simpler for the customer. It makes no sense to have SOAR without native threat intel.”
VMware made three product announcements at the event, including VMware Advanced Security for Cloud Foundation for hybrid cloud security. VMware Carbon Black Cloud was also announced as the first major update to Carbon Black since the company was acquired by VMware last year for $2.1 billion. There are also new auto-remediation features for VMware Secure State to automate actions across multicloud environments
“There must be a new approach to cybersecurity – one that is built-in, unified and context-centric,” said Sanjay Poonen, chief operating officer for VMware customer operations. “We believe the best strategy and approach is to make security intrinsic, enabling organizations to leverage their infrastructure and its unique capabilities across any app, any cloud and any device to better secure the world’s digital infrastructure – from networks, to endpoints, to workloads, to identities, to clouds.”
Top 10 Innovation Vendors
A highlight of any RSA Conference is the annual RSAC Innovation Sandbox Contest, which highlights 10 emerging vendors. The ten vendors selected as finalists by the RSAC judges span a range of different technologies, including cloud, email, compliance, code and supply chain security solutions. The ultimate winner was Securiti.AI, which was selected by judges for the completeness of its vision and roadmap for the months and years ahead.
The 10 finalists were:
Technology: A software-as-a-service (SaaS) security and management platform
Technology: Source code security
Technology: Employee risk scores and evaluation
Technology: Software code fuzzing for application security
Technology: Email security solutions
Technology: Advanced cloud security. Obsidian was one of eSecurity Planet‘s top startups for 2020.
Technology: Artificial Intelligence-powered privacy compliance and automation
Technology: Runtime application security protection
Technology: E-commerce supply chain security
Technology: Vulnerability remediation and orchestration platform