The RSA Conference has long been the premier event on the cybersecurity conference calendar for vendors to announce new product news, and the 2018 event is no exception.
While vendors make announcements throughout the conference, which runs from April 16-20 in San Francisco, much of the news occurs during the first two days of the event. Among the new products announced on the first day of RSA Conference 2018 are endpoint detection and response (EDR), cloud security, incident response, SIEM, artificial intelligence and DevOps security updates.
Here are 10 vendors making news on the first day of the conference:
Akamai announced new capabilities for its cloud delivery platform to help mitigate multiple classes of security risks, including bad bots.
Bots are increasingly being used by attackers for different types of cyber fraud. The Akamai Bot Manager is being improved to help organizations protect mobile applications, apps and APIs.
Akamai’s Kona Site Defender Web Application Firewall (WAF) is also being extended to provide API protection for enterprise apps. Additionally, to help organizations more securely access Akamai’s platform, the Akamai Enterprise Application Access technology is being enhanced to enable organizations to securely access applications.
“Building trust is at the core of Akamai’s offerings,” stated Rick McConnell, President and General Manager of the Web Division at Akamai. “Not only trust that we are delivering the highest possible performance for web or media content, but also that the content is secure against theft and disruption.”
Cisco announced improvements to its Advanced Malware Protection (AMP) for Endpoints platform. Among the improvements are enhanced visibility features that benefit from threat information provided by Cisco’s Talos research group as well as third-party sources.
Cisco is also getting advanced email protection capabilities via an OEM integration with Agari. The Agari technology provides Domain-based Message Authentication, Reporting and Conformance (DMARC) capabilities. DMARC is a protocol that helps protect the integrity and authenticity of email.
CrowdStrike is extending its Falcon security platform with the launch of new threat analysis capabilities as well as a new endpoint protection platform.
The new Endpoint Protection Complete solution combines the Falcon Endpoint Protection (EPP) technology with services from the CrowdStrike Falcon Endpoint Protection Team.
The threat analysis capabilities are called Falcon X, which is a module for CrowdStrike’s flagship Falcon platform. With the new module, CrowdStrike is offering threat intelligence and automated threat analysis capabilities.
“Most incident response teams have to manually analyze the threats they face with limited visibility into the targeted threat intelligence behind them,” said Dmitri Alperovitch, CrowdStrike’s co-founder and chief technology officer. “With CrowdStrike Falcon X, we elevate customers’ abilities to perform better analysis when a threat is detected and correlate it with strategic and tactical intelligence quickly, cutting down investigation time from hours and even days to seconds.”
Cylance is also announcing enhancements to its cyber security portfolio that benefit from artificial intelligence.
The new AI enhancements are being delivered as modules in the CylanceOPTICS threat hunting and visibility platform. CylanceOPTICS technology complements the company’s flagship CylancePROTECT endpoint detection and response (EDR) platform.
“Our machine learning modules identify security incidents that would be prohibitively expensive and difficult for any human to uncover,” stated Eric Cornelius, Chief Product Officer at Cylance. “This approach, that minimizes the need for static rules, frees up analysts, who are already understaffed and strapped for resources, to focus on more strategic security activities.”
ESET announced a series of new and updated products on the first day of the 2018 RSA Conference, including: ESET Enterprise Inspector, an EDR solution, and ESET Dynamic Threat Defense, a tool that provides off-premises cloud sandboxing and leverages machine learning and behavior-based detection to prevent zero-day attacks.
“We traveled around the world to talk to enterprise IT security specialists, to hear what their needs were,” ESET CTO Juraj Malcho stated. “What we found is that they needed a single console that allowed for visibility into all stages of threat interception: prediction, prevention, detection and remediation. So that is what we made.”
Fortinet announced a new analytics and management technology to integrate data from network operations centers (NOCs) and security operations centers (SOCs).
The NOC/SOC integration is delivered in the new update of the Fortinet FortiManager security management platform, which now integrates FortiSIEM (security information and event management) and FortiAnalyzer capabilities for data center visibility.
“As the industry faces a cyber talent shortage and the pressure to maintain operational efficiency and security efficacy is critical for digital business, a new approach is needed that brings visibility and control into the NOC with workflow and response automation in the SOC,” stated John Maddison, senior vice president of Products and Solutions at Fortinet. “Fortinet is introducing a customized NOC-SOC solution that bridges the gap across IT disciplines to achieve broad and automated security response.”
IBM is making a pair of announcements to kick off the 2018 RSA Conference, including an update to the Resilient Incident Response Platform (IRP) and the new IBM X-Force Threat Management Service.
The Resilient Incident Response Platform update integrates new orchestration capabilities to automate repetitive and common tasks, while the new X-Force Threat Management Service brings artificial intelligence (AI) to help automate the initial steps of the threat management process. IBM’s threat intelligence platform made our list of top threat intelligence solutions.
“Companies have an opportunity with breakthroughs like AI for active threat management and Intelligent Orchestration to rewire incident response procedures for the age of intelligence,” said Marc van Zadelhoff, General Manager of IBM Security.
McAfee is expanding its cloud security capabilities with a pair of announcements.
The new McAfee CASB Connect Program provides a self-serve framework to enable cloud application services to build API connectors to the McAfee Skyhigh Security Cloud Service. McAfee acquired Skyhigh in November 2017.
McAfee is also now providing application container security capabilities as part of its Cloud Workload Security (CWS) 5.1 update.
“McAfee Cloud Workload Security enables organizations to secure cloud workloads and containers across AWS, Azure, VMware, and their private cloud, addressing key security, compliance and governance requirements so that they can accelerate their business in the cloud,” stated Rajiv Gupta, senior vice president of McAfee’s cloud security business unit.
Qualys has a trio of product announcements at the 2018 RSA event.
The Qualys Web Application Scanning (WAS) 6.0 offering has been expanded to help enable a DevSecOps workflow for developers to scan Swagger version 2.0-based REST APIs for potential security issues.
Qualys is also debuting a pair of free services, including CertView, which gives organizations inventory and assessment of public-facing SSL/TLS certificates. The CloudView service provides IT professionals with an inventory of public cloud workloads and infrastructure usage.
Symantec announced enhanced Targeted Attack Analytics (TAA) capabilities for its Advanced Threat Protection (ATP) customers.
“Symantec’s team of cyber analysts has a long history of uncovering the world’s most high-profile cyber attacks and now their deep understanding of how these attacks unfold can be put to use by our customers without the need to employ a team of researchers,” said Symantec CEO Greg Clark. “Targeted Attack Analytics uses advanced analytics and machine learning to help shorten the time to discovery on the most targeted and dangerous attacks and to help keep customers and their data safe.”
Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.