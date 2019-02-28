Hottest new cybersecurity products at RSA 2019
This year’s RSA Conference is a key venue for companies to showcase their new cybersecurity products. Here are some of the more interesting tools to check out.
The RSA Conference, held in San Francisco in March, is home to perhaps the largest exhibition of cybersecurity software, hardware and service providers. Many of them use the event to announce or showcase new offerings. The following products are among the more interesting, based on information available prior to the conference. The products are ordered alphabetically by vendor.
ArecaBay: Force Field
Force Field allows developers or security teams to deploy software micro-sensors that act as network sniffers. Collectively, ArecaBay calls them a Network Engine. They require no code change to the app at runtime. Once deployed, an enterprise can perform a three-step process to ensure API integrity: discover/test, monitor and secure all APIs.
Arxan: Rapid Protection and Threat Detection
Arxan has added new rapid protection and threat detection capability into its mobile, hybrid and web app protection solutions. This new capability allows code protections and threat detection sensors to be injected into an application during the DevOps process after code development.
Attivo Networks: The Informer
The Informer is a deception-based, real-time forensic collection offering that extends Attivo’s ThreatDefend Detection and Response platform. The new tool provides a view of the attacker’s activity to accelerate intelligence-driven response and remediation, enhancing the ability to rapidly gather, understand and disseminate adversarial intelligence.
Cognigo: DataSense
DataSense is an artificial-intelligence-based platform for enterprise data protection and compliance. Cognigo claims the product’s natural language processing (NLP) contextualization feature can differentiate between sensitive and non-sensitive data based on language context, which is useful to automatically discover data that falls under the protection of privacy regulations like the GDPR.
Comodo Cybersecurity: Managed Detection & Response (MDR)
Comodo MDR is security operations center as a service (SOCaaS). It provides a team of security researchers who monitor IT systems for signs of compromise and hunt for vulnerabilities. The service relies on Comodo’s SIEM and endpoint management technologies, and on threat intelligence from the Comodo Threat Lab. The MDR service will work with organizations to prioritize and remediate issues.
Cyxtera: AppGate SDP IoT Connector
The AppGate SDP IoT Connector helps secure unmanaged devices by restricting lateral movement and reducing an organization’s attack surfaces using zero-trust principles. Part of Cyxtera’s AppGate platform, IoT Connector allows for granular control of how and when devices connect to a network and which network resources they can connect to.
DataLocker: PortBlocker
PortBlocker is an endpoint protection agent that helps secure USB devices at users’ workstations by preventing data breaches or malware delivery through the USB port. It integrates with DataLocker’s SafeConsole central management platform to deploy and manage remotely. PortBlocker allows only whitelisted USB devices to be mounted. It also logs USB activity and reports back to the SafeConsole management server for auditing.
Eclypsium: Eclypsium Platform v1.0
The Eclypsium platform monitors firmware for known and unknown threats and signs of device tampering during travel and in the supply chain. It also helps manage firmware risk and updates on Macs and PC laptops, servers and network devices. The Eclypsium platform supports cloud and on-premises deployment models.
Idaptive: Next-Gen Access Cloud
Idaptive’s Next-Gen Access Cloud is designed to support an organization’s zero-trust approach identiy and access management (IAM). It verifies and validates people, devices and services while continuously learning from, and adapting to, millions of risk factors. Idaptive claims that Next-Gen Access Clous is the only solution combine single sign-on, adaptive multi-factor authentication, endpoint and mobile context and behavior analytics, and machine learning.
ImageWare Systems: Digital Identity Platform
The ImageWare Digital Identity Platform provides end-to-end digital identity proofing, authentication and lifecycle management solutions. It is available as a cloud SaaS and for on-premises systems. While the platform has turnkey options, APIs allow for custom solutions. Identity proofing allow organizations to validate the digital identity of individuals. Identity authentication offers a broad set of biometrics and other multi-factor authentication methods. The platform also provides a framework for developing digital identity ecosystems across organizations.
Nominet: Nominet NTX
Nominet NTX monitors for cyber threats at the DNS level, a major blind spot that cybercriminals look to exploit. Nominet says it uses concepts from the acoustics field to find anomalies among the noise of DNS traffic. NTX analyzes billions of data packets in real time to pinpoint and eradicate malicious activity.
Owl Cyber Defense: Recon1U
Owl ReCon1U is a data diode cybersecurity solution designed to reduce an organization’s attack surface in cases where bidirectional communication is necessary. The company claims it provides higher security assurance than traditional firewalls. ReCon1U combines the security benefits of hardware-enforced cybersecurity solutions with secure round-trip, bidirectional communication.
PasswordPing: PasswordPing for Active Directory
PasswordPing for Active Directory is a tool to detect compromised credentials: Its Active Directory service protects corporate Active Directory networks from unauthorized access and fraud by screening user accounts for known compromised credentials so they can be blocked.
SaltStack: SaltStack SecOps
SaltStack SecOps allows security professionals and IT operations teams to define a compliance policy together, scan all systems against it, and detect and remediate issues. It relies on SaltStack’s event-driven automation. SaltStack SecOps includes access to a repository of standard compliance profiles for major Unix and Windows operating systems and containerized environments running Docker and Kubernetes.
SecBI: Automated Threat Detection and Response
SecBI’s Automated Threat Detection and Response is a solution aimed at managed security service providers (MSSPs). It automates both threat hunting by analyzing network traffic and breach response. The service creates a comprehensive view of each incident by combining alerts, events and logs into a single narrative that shows all the affected entities and kill chain.
SureCloud: Third Party Risk Management (TPRM)
TPRM automates the third-party risk management process and integrates with broader IT risk management processes and data privacy programs. It helps create a centralized register of third parties, build and automatically send out multiple assessments, and consolidate all responses. A dashboard and reporting framework provide a comprehensive view across those vendors and the risk they may pose to your organization.
Unisys: Stealth 4.0
Stealth 4.0 has enhancements to addresses rising threats associated with the adoption of cloud, mobile and the Internet of Things. Its integration with the LogRhythm security incident and event management (SIEM) system gives Stealth 4.0 what Unisys calls “dynamic isolation” capabilities to quickly isolate devices or users at the first sign of compromise.
Unisys: Stealth(identity)
Unisys Stealth(identity) is biometric identity management software that automates large-scale biometric enrollment processing. It supports fingerprint, face, voice and iris recognition as well as behavioral biometrics. Stealth(identity) provides configurable application programming interfaces for integrating biometric authentication across physical and digital channels, including mobile devices.
Vade Secure: Vade Secure for Office 365
Vade Secure for Office 365 detects advanced phishing, spear phishing and malware attacks. It integrates with your email environment and augments Office 365 security with AI-based predictive email defense. The tool requires no employee training or an additional interface.
Veridium: Veridium InMotion for VeridiumID
Veridium InMotion for VeridiumID is a software platform for mobile biometric authentication. Veridium’s user behavior analytics (UBA) framework identifies human behavior patterns and analyzes them to detect anomalies that could indicate threats. Pairing behavioral data captured on smartphones with users’ biometrics could increase authentication reliability, making it more difficult for malicious actors to spoof their fingerprints or faces to gain access to corporate accounts.
Xton Technologies: XTAM Hybrid Access Security Broker
XTAM Hybrid Access Security Broker is access control software for corporate networks and cloud infrastructures. Once systems are locked behind a firewall, organizations can use XTAM Hybrid Access Security Broker to limit access to only trusted personnel using Active Directory logins, single sign on (SSO) or multi-factor authentication (MFA). It also offers monitoring, video recording and notifications required for auditing and compliance.
