10 Vendors Making News at Black Hat USA 2018

The core of the Black Hat USA conference is security research, but in recent years it has also become a chance for cybersecurity vendors to unveil new products.

Among the new products and services announced at Black Hat USA 2018 are endpoint detection and response (EDR) tools, cloud security, Internet of Things (IoT) security, artificial intelligence and DevOps security updates.

Here are 10 vendors making news at Black Hat USA 2018:


Bitdefender unveiled its new GravityZone Security for Storage product at Black Hat. The new offering aims to help organizations defend against threats to Network-Attached Storage (NAS) and file-sharing systems.

The security module provides real-time protection for multiple types of NAS products, such as Nutanix Acropolis File Services (AFS) and file-sharing solutions such as lCitrix ShareFile that are compliant with the Internet Content Adaptation Protocol (ICAP).

“Digital transformation and expanding collaboration in the workplace creates growing demands on shared storage systems,” stated Harish Agastya, VP of Enterprise Solutions at Bitdefender. “GravityZone Security for Storage protects NAS and file-sharing platforms against increasingly sophisticated and prolific cyberthreats, while ensuring uninterrupted operations and minimal management overhead.”


BlackBerry announced a new ransomware recovery capability in its Workspaces collaboration tool. The goal is to enable organizations to recover rapidly if ransomware is able to infect a file.

“Beyond data loss, opportunity costs, and reputational risks, downtime resulting from ransomware attacks can inflict real harm on customers in any industry, including healthcare or public safety, where the consequences of any delay can be catastrophic,” stated Billy Ho, Executive Vice President of Enterprise Products at BlackBerry.


CrowdStrike announced a series of updated features for its products at Black Hat USA. The new products include Falcon X Premium, a new device control module to enable visibility and control into removable media activity, and new visibility to help protect Docker container environments.

Falcon X Premium expands on the Falcon X EDR offering, adding intelligence reports, Indicators of Compromise (IoCs), intelligence support and custom malware analysis.

“Today, we are announcing multiple critical feature enhancements to offer our customers increased visibility, control and threat prevention for various evolving attack vectors, all delivered from a single lightweight agent and managed through a single console,” stated Amol Kulkarni, chief product officer of CrowdStrike.


IBM said it is opening up five security testing locations for its new X-Force Red offensive testing division.

The new X-Force Red locations are located in Austin, TX; Hursley, England; Melbourne, Australia; and Atlanta, GA. The X-Force Red Labs locations will be use to test the security of multiple types of devices and services, including ATM banking systems.


Irdeto unveiled the 8.0 version of its Cloakware Software Protection, providing organizations with new capabilities to help secure internet of things (IoT) connected devices. Among the new features is a tamper-proof forensic mark for software

Cloakware Software Protection is a suite of advanced cybersecurity technologies that enables organizations to customize the protection of their software-defined business. In addition, Irdeto has announced its new Cloakware Development Center to better connect with developers.

“At the end of the day, Cloakware Software Protection is providing IoT-connected industries with the peace of mind to securely innovate and deploy their services or devices in ever-increasing hostile environments,” stated Jaco Du Plooy, Vice President of IoT Security at Irdeto.


Proofpoint announced new security capabilities. One is Targeted Attack Protection (TAP) which provides isolation for personal webmail and browsing defense. Proofpoint also announced enhanced threat detection capabilities that improve credential phishing detection.

“Technologically, these people-centric innovations are an important step forward for Proofpoint and our customers,” stated Ryan Kalember, senior vice president of Cybersecurity Strategy for Proofpoint. “We help security teams proactively defend their organizations from today’s most advanced threats at scale, embrace new devices, and safely empower employees to use personal email and browse the web.”


Qualys debuted a pair of new features for its cloud-based security platform. Among the new capabilities is the Out-of-Band Configuration Assessment (OCA) module that allows organization to get insight into devices that are not typically scanned in a network.

Qualys has also added a Passive Network Sensor (PNS) to its cloud enabling organization to collect more data about their environments in a continuous manner.

“With this new capability, we are now well on our way to providing CIOs with a continuous and updated view of their global IT assets with two-way CMDB synchronization,” Qualys CEO Philippe Courtot stated. “Such capability is the cornerstone of security, as without visibility, there is no security.”


Testing firm Spirent announced its new CyberFlood Data Breach Assessment, enabling organizations to continuously test environments to understand the risks of data breaches.

The system can be used to enable what is known as Purple Team security testing, where a Red Team actively tries to penetrate a network while the Blue Team is defending. The CyberFlood Data Breach Assessment solution combines Red and Blue Teams into a fully automated Purple Team capability with results displayed on a dashboard.

“Unlike existing solutions, which do not use the real methods and techniques used by real attackers, CyberFlood Data Breach Assessment uses unique data breach emulation technology to provide hyper-realistic scenarios and assessments using the actual methodologies intruders follow,” stated David DeSanto, director of products and threat research at Spirent. “This gives organizations the ability to assess their production defenses and fortify weaknesses before they are compromised by the work of an attacker.”


Tripwire unveiled its new DevOps security capability, which aims to help organizations integrate security checks into the development process. The new DevOps capability is targeted at container development, so developers can scan container registries and images for vulnerabilities. The system also integrates with continuous integration/continuous development (CI/CD) technologies for development testing.

“In addition to securing custom code, businesses need to ensure that the application infrastructure and inherited code remain secure throughout the life cycle,” stated Tim Erlin, vice president of product management and strategy at Tripwire. “We’re excited to introduce a solution that embodies what’s been referred to as ‘DevSecOps,’ true integration of security into the DevOps workflow.”


Ziften said it is enhancing its Zenith endpoint protection platform with advanced anti-virus capabilities. The new capabilities help to block file-based, file-less, and in-memory attacks. Zenith uses artificial intelligence (AI) and the cloud to help protect enterprises.

“There are huge leaps coming in the field of endpoint protection, and the incorporation of our new AI-based AV capability is the first of many that Ziften has planned,” said Ziften CEO Mike Hamilton. “This new AV capability and our endpoint hardening will dramatically simplify the complex work of those tired teams who actually have to respond to endpoint attacks at 3:30am in the morning!”

Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.

Sean Michael Kerner
Sean Michael Kerner
Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

Top Products

Related articles