Hottest new cybersecurity products at RSA Conference 2020

The annual RSA Conference is a key venue for companies to showcase their new cybersecurity products. Here are some of the more interesting tools to check out.

SLIDEFEATURED PRODUCTS
RSA 2020\'s hottest products
ALLVISIONN / DonFiore / Getty Images

RSAC 2020

The RSA Conference, held in March in San Francisco, is one of the leading events for information security vendors to announce their new product offerings. Following are a few of the more interesting products being announced this year, based on information provided prior to the event. The products are listed in alphabetical order.

42Crunch
42Crunch

42Crunch: Self-service free and low-cost subscription options for 42Crunch API Security platform

42Crunch claims to offer the most comprehensive API Security solution on the market, covering all phases of web API lifecycles: security audit during API design and development security testing and runtime protection. The platform used to be only available as a high-price product for large enterprises, but the company has re-architected the product and on Tuesday at the show are releasing the next generation that has self-signup and efficient free and low-price tiers.

RSAC location: The company will not have a specific booth at the show this year but will instead hold pre-arranged meetings and marketing activities with analysts (Gartner, Forrester, IDC, Aite, ESG, etc.), the media and partners.

Attivo Networks: ThreatDefend: Endpoint Detection Net
Attivo Networks

Attivo Networks: ThreatDefend: Endpoint Detection Net

The new Attivo Networks Endpoint Detection Net (EDN) offering is part of the Threat Defend portfolio and is designed to “ambush attackers at the endpoint.” The product’s enhanced capabilities enable organizations to detect threats across vectors, locking down the endpoint so that an attacker cannot move laterally using methods such as Active Directory recon, accessing credentials or mapped shares, discovering active ports or network assets, man-in-the-middle attacks, and exploration of lateral attack paths.

RSAC location: South Expo Hall, Booth #2127.

Cyber Armor: Service-to-Service Control for DevOps
Cyber Armor

Cyber Armor: Service-to-Service Control for DevOps

Cyber Armor empowers DevOps to seamlessly deploy natively zero-trust workloads across cloud-native, hybrid and multi-cloud environments. It aims to eliminate the friction between security and development by automating security and accelerating product delivery. Its identity-based zero-trust control plane assures only authenticated workloads run, communicate and access data and that integrity is kept from CI/CD to runtime.

RSAC location: South Expo Hall, booth #735F.  

Cyberint: Managed Threat Hunting
Cyberint

Cyberint: Managed Threat Hunting

Cyberint’s Managed Threat Hunting delivers proactive and continuous hunting for threats in the organization’s environment, searching for existing compromises, malicious activity, persistence or residuals from past breaches. The service leverages third-party endpoint technology and a security orchestration automation and response (SOAR) solution and is delivered by Cyberint’s cyber experts who analyze the data, enrich, do triage and respond with incident containment and ongoing
remediation.

RSAC location: North Expo Hall, booth #4425.

Devo Technology: Devo Security Operations
Devo Technology

Devo Technology: Devo Security Operations

Devo Security Operations combines the capabilities typically found in SIEM software, threat intelligence platforms, case management solutions and user and entity behavior analytics (UEBA) products in a single solution with an integrated analyst workflow. Delivered on top of the Devo Data Analytics Platform, Devo Security Operations provides auto enrichment, threat intelligence, community collaboration, and a central evidence locker aimed at making analysts more effective in identifying and stopping threats.

RSAC location: South Expo Hall, booth #2339.

Devolutions: Devolutions Password Server
Devolutions

Devolutions: Devolutions Password Server

Devolutions Password Server is a Privileged Access Management (PAM) product. Devolutions created Password Server specifically for the needs of SMBs (companies with fewer than 1,000 employees). Password Server allows IT teams to control access to privileged accounts and manage remote sessions through a secure solution that can be deployed on-premises. The aim is to hopefully reduce the risks from insider threats and data breaches that often originate from credential misuse or compromise.

RSAC location: North Expo Hall, Booth #6381

Egnyte: Egnyte Content Services Platform

Egnyte: Egnyte Content Services Platform 

Egnyte's next-generation content services platform delivers a unified approach to content governance, data privacy, compliance and workflow automation. The platform leverages machine learning and AI to give companies high levels of visibility and control over their content assets through a simple, turnkey solution. The platform also makes it easier to collaborate through content-rich workflows and to quickly access large files from remote locations.

RSAC location: South Expo Hall, Booth #3232

eSentire: esCLOUD
eSentire

eSentire: esCLOUD

esCLOUD is eSentire’s new comprehensive portfolio of cybersecurity services that extends the company’s managed detection and response (MDR) capabilities and threat hunting expertise into modern cloud environments, including AWS, Microsoft Azure, Google Cloud Platform and Microsoft Office 365. esCLOUD constantly monitors customer cloud environments to detect improper configurations and vulnerabilities that could otherwise lead to data loss and compromise.

RSAC location: South Expo Hall, Booth #S-1453

Essence SigmaDots: Essence SigmaDots Embedded IoT Security Platform
Essence SigmaDots

Essence SigmaDots: Embedded IoT Security Platform

The Essence SigmaDots platform offers a comprehensive security mesh, harnessing the power of distributed architecture to completely secure IoT devices. The product offers a fully embedded, distributed, and multi-layered approach. It is comprised of four pillars: on-the-edge dynamic firewall and anti-virus, distributed MQTT networking protocol-as-a-service, end-to-end encryption-as-a-service, and cloud-agnostic/on-premises platform for cyber events, operational monitoring and alerting.  These pillars can be implemented independently or as a complete solution.

RSAC location: South Expo Hall, Booth #735

Farsight Security Inc.: SIE Batch
Farsight Security Inc.

Farsight Security Inc.: SIE Batch

SIE Batch: Security Information Exchange (SIE) is the company’s flagship security data sharing platform — it streams, in real-time, Farsight's own DNS intelligence solutions, such as the Newly Active Domains solution, as well as third-party real-time data that security professionals use to protect their organizations. SIE Batch is a new method for security professionals to more easily consume this real-time data. It is available as both a GUI (as you can see in the screenshot) and as an API. You must be a subscriber to one of Farsight's SIE real-time data feeds to use SIE Batch.

RSAC location: South Expo Hall, Booth #3338

Fidelis Cybersecurity: Fidelis Elevate Version 9.3
Fidelis Cybersecurity

Fidelis Cybersecurity: Fidelis Elevate Version 9.3

Fidelis Elevate integrates network and cloud traffic analysis, endpoint detection and response and deception technologies. It features open threat intelligence feeds, cloud-based sandboxing and advanced malware analysis to automate threat detection, investigations and response. Fidelis enables real-time and retrospective metadata analysis for endpoint activity and network and cloud traffic, as well as automated scripts and playbooks for detection, investigation and response, with retroactive application of new indicators of compromise to historic metadata.

RSAC location: South Expo Hall, booth #1441.

FireEye Verodin
FireEye

FireEye Verodin: FireEye Verodin Threat Actor Assurance Module (TAAM)

The FireEye Verodin Threat Actor Assurance Module (TAAM) integrates threat intelligence into the Verodin platform to give organizations unique visibility into how their cyber defenses will perform against the threat actors most likely to be targeting them. The FireEye Verodin TAAM aims to give companies to optimize protection and reduce business risk against known threat actors and their attack behaviors.
 
RSA location: North Expo Hall, Booth #6069
Forescout Technologies, Inc.: Forescout 8.2
Forescout Technologies, Inc.

Forescout Technologies, Inc.: Forescout 8.2

Forescout 8.2 aims to accelerate the ability to identify all connected devices, compliance gaps and risks on a network, enabling organizations to act confidently and quickly to mitigate security exposures and reduce mean time to respond (MTTR) across their extended enterprise networks. This latest release also includes a new persona-centric user interface, deployment flexibility in public cloud environments, and network access control via direct integration with Arista infrastructure without the need for agents.

RSAC location: North Expo Hall, Booth #6179

Fortinet: FortiAI
Fortinet

Fortinet: FortiAI

FortiAI is marketed as a first-of-its-kind on-premises appliance that leverages self-learning deep neural networks (DNN) to speed threat remediation and handle time-consuming, manual security analyst tasks.

FortiAI’s Virtual Security Analyst embeds one of the industry’s most mature cybersecurity artificial intelligence directly into an organization’s network to deliver sub-second detection of advanced threats. 

RSA location: show: North Expo Hall, Booth #5855

GreatHorn: Account Takeover Protection
GreatHorn

GreatHorn: Account Takeover Protection

Account Takeover Protection claims to be the first and only biometric-based solution that effectively identifies compromised accounts and blocks takeover attempts by validating users with their unique typing patterns. Administrators can automate responses to authorization failures by inserting a warning banner to the recipient, removing the message upon send, or simply logging the event for later analysis.

RSAC location: North Expo Hall, Booth #4214

Kingston Technology: IronKey D300 line
Kingston Technology

Kingston Technology: IronKey D300 line

With NATO Restricted Level certification, the IronKey D300 line of drives is available in Serialized and Serialized Managed models that feature an advanced level of security to safeguard sensitive information. FIPS 140-2 Level 3 certified, with 256-bit AES hardware-based encryption in XTS mode with fast data transfers that use the latest in NAND Flash and controller technology these drives aid in setting security standards, corporate policies and data loss protection best practices. The drive uses digitally signed firmware, making it immune to BadUSB, and it enforces complex password protection with minimum characteristics to prevent unauthorized access.

RSAC location: North Expo Hall, booth #4509.

LUMU

LUMU

Applying principles of continuous compromise assessment, LUMU has built a powerful closed-loop, self-learning solution that helps security teams accelerate compromise detection and gain real-time visibility across their infrastructure. Its cloud-based solution does this by collecting and standardizing metadata from across the network and applying artificial intelligence to correlate threat intelligence from these disparate data sources to isolate confirmed points of compromise.

RSAC location: North Expo Hall, Booth #4315

ManageEngine: Access Manager Plus
ManageEngine

ManageEngine: Access Manager Plus

ManageEngine, the IT management division of Zoho Corporation, is announcing the launch of Access Manager Plus, a privileged session management solution for enterprises. With features like jump box support, session recording and live monitoring, the solution enables security administrators to facilitate and govern remote sessions that provide users with privileged access to critical business systems

RSAC location: South Expo Hall, Booth #2051

Menlo Security:  Global Cloud Proxy Platform/ Cloud Data Loss Prevention (DLP)
Menlo Security

Menlo Security:  Global Cloud Proxy Platform / Cloud Data Loss Prevention (DLP)

Cloud Data Loss Prevention (DLP) is marketed as the world’s first DLP solution powered by an Isolation Core, which monitors and prevents data exfiltration by users. By working with isolation and cloud proxy technologies, Cloud DLP identifies and tags specific data types deemed sensitive according to file type, regular expressions or set data-type libraries.

RSAC location: North Expo Hall, booth #6370.

NCP engineering Inc.: NCP Authenticator
NCP engineering Inc.

NCP engineering Inc.: NCP Authenticator

The new NCP Authenticator App is available for mobile devices as a free download in the Apple Store and the Google Play Store. With the NCP Secure Enterprise Management Server, a time-based one-time password (generated with NCP Authenticator App) can be used as an alternative to NCP Advanced Authentication (via SMS) as a second factor.

RSAC location: South Expo Hall, Booth #3133

Netsurion: EventTracker; Feature = MITRE ATT&CK Framework Dashboard and Integration
Netsurion

Netsurion: EventTracker; Feature = MITRE ATT&CK Framework Dashboard and Integration

Netsurion is announcing the integration of the MITRE ATT&CK framework with the upcoming 9.3 release of its co-managed SIEM, EventTracker. The framework allows defenders to identify relationships between individual observations and known campaigns or threat actors, making it possible to block those tactics and enable a more effective defense.

RSAC location: South Expo Hall, Booth #241

Odo Security:  OdoAccess
Odo Security

Odo Security:  OdoAccess

OdoAccess is marketed as a simple to configure and deploy, secure and centralized platform that enables security teams to manage web, SSH, RDP and database access across hybrid-cloud and on-premises infrastructures, without the need for VPNs.  OdoAccess features a powerful SaaS management interface and highly granular comprehensive privileged access control to support remote corporate users, outside contractors and other third-parties.

RSAC location: South Expo Hall, Booth #735K.

PencilDATA: Chainkit for Splunk and Chainkit for ELK Stack
PencilDATA

PencilDATA: Chainkit for Splunk and Chainkit for ELK Stack

Chainkit is a tool for detecting adversarial anti-forensic tampering techniques that attackers use to evade detection and prolong dwell times inside a system. Chainkit offers scalable defense for data and systems down to individual lines of code by using distributed ledger-agnostic cryptographic math to create chains of custody comprised of thousands of globally distributed nodes under separate domains of control. This aims to make compromise exponentially more expensive and impractical for attackers than the typical single node attack.

RSAC location: InterContinental (Sky Lounge on the 31st Floor), 888 Howard St, San Francisco

Perimeter 81 (with SonicWall): Secure Access Service Edge (SASE) Platform
Perimeter 81 (with SonicWall)

Perimeter 81 (with SonicWall): Secure Access Service Edge (SASE) Platform

Perimeter 81, through an ongoing partnership with SonicWall, is announcing their Secure Access Service Edge (SASE) Platform. SASE is a cloud-native architecture model that supports dynamic secure access to organizational assets by combining multiple network technologies delivered as a service, including Secure Web Gateway, Cloud Access Security Broker, Firewall-as-a-Service (FWaaS) and Zero Touch Network Access with WAN capabilities (i.e., SDWANaaS).

RSAC location: South Expo Hall, Booth #1365

Privitar: Privitar Data Privacy Platform
Privitar

Privitar: Privitar Data Privacy Platform

Privitar has announced the latest release of the Privitar Data Privacy Platform. The solution adds several enterprise-ready capabilities including native HIVE support and enhanced Kerberos and AWS support, giving global organizations the opportunity to dramatically improve data utilization while protecting customer sensitive data.

RSAC location: South Expo Hall, Booth #2432

ProcessUnity: ProcessUnity Vendor Risk Management (VRM) Best Practices Configuration
ProcessUnity

ProcessUnity: ProcessUnity Vendor Risk Management (VRM) Best Practices Configuration

ProcessUnity VRM Best Practices Configuration is a pre-configured third-party risk management program with turn-key workflows, assessments, calculations, risk analysis and reporting. Developed by subject matter experts and perfected via hundreds of successful customer implementations, this new product aims to deliver a complete “out-of-the-box” program with a high-quality, systematic and repeatable assessment process for organizations of all sizes.

RSAC location: North Expo Hall, Booth #4609

Randori: Randori Attack Platform

Randori: Randori Attack Platform

Randori says it is launching the first attack platform that continuously attacks companies with the same techniques nation-state hackers and criminal adversaries employ. Combining hacker logic with automated surveillance, exploitation and attack tooling in a scalable platform — the Randori Attack Platform performs everything from reconnaissance to exfiltration. Unlike a simulation, which replays historical attacks inside artificial boundaries, Randori provides customers the ability to safely launch real-world attacks against their production assets. 

RSAC location: North Expo Hall, booth #4136

ReversingLabs: ReversingLabs Titanium
ReversingLabs

ReversingLabs: ReversingLabs Titanium Platform

ReversingLabs Titanium Platform is marketed as the first threat intelligence platform with explainable machine learning. With new and enhanced capabilities including new machine learning algorithm models, explainable classification and out-of-the-box security information and event management (SIEM) plug-ins, security, orchestration, automation and response (SOAR) playbooks, and MITRE ATT&CK Framework support, Titanium aims to deliver explainable insights and verification that better support humans in the incident response decision making process.

RSAC location: South Expo Hall, Booth #3311

SaltStack: SaltStack Enterprise 6.2, SaltStack Protect 6.2, and SaltStack Comply 6.2
SaltStack

SaltStack: SaltStack Enterprise 6.2, SaltStack Protect 6.2, and SaltStack Comply 6.2

Version 6.2 of SaltStack Enterprise, SaltStack Protect and SaltStack Comply introduces several new integrations and capabilities to help users enforce comprehensive cyber hygiene across crucial digital infrastructure.  SaltStack Protect integrates infrastructure automation and configuration management with the Tenable.io vulnerability management solution for closed-loop vulnerability remediation. SaltStack Comply now includes CIS-certified content for Windows Server 2012 and Windows Server 2019, and SaltStack Enterprise integrates with Splunk for event-driven automaton and monitoring.

RSAC location: Booth #3129 between the North and South expo halls 

Sectigo: Sectigo Web Security Platform

Sectigo: Sectigo Web Security Platform

Sectigo Web Security Platform provides an all-in-one solution for monitoring, alerting, remediating and patching vulnerabilities found in commonly used content managemet systems such as WordPress, Drupal, Joomla, Magento, WooCommerce, and PrestaShop. The platform detects, removes, and remediates any malware found within the code, database or as files on the server. The platform also offers daily website backups and increased speed and SEO results for the website when utilizing Sectigo’s content delivery network and web application firewall.

RSAC location: South Expo Hall, booth #2327.

Secureworks: Secureworks Cloud Configuration Review
Secureworks

Secureworks: Secureworks Cloud Configuration Review

Secureworks’ new Cloud Configuration Review service brings together decades of Secureworks’ security consulting SecOps experience with the innovative VMware Secure State, a public cloud security and compliance monitoring platform. The end goal of this service is to deliver an accurate assessment of a customer’s current cloud security posture, critical risks, and actionable steps to advance their security and business objectives.

RSAC location: North Expo Hall, Booth #4437

Spirent: Cyberflood Data Breach Assessment Version 2.0

Spirent: Cyberflood Data Breach Assessment Version 2.0

CyberFlood Data Breach Assessment evaluates the ability of an organization’s security infrastructure to detect active attackers and vulnerabilities. It provides endpoint evaluation of evasion techniques and encrypted attacks to distinguish real traffic and activities that are otherwise indistinguishable from an attacker’s live efforts. CyberFlood DBA will support a wide range of industry frameworks including Mitre ATT&CK and the NetSecOPEN Test Suite.

RSAC location: North Expo Hall, booth #5579.

Sumo Logic: Sumo Logic Cloud SIEM Enterprise
Sumo Logic

Sumo Logic: Sumo Logic Cloud SIEM Enterprise

Sumo Logic is announcing the availability of their new Cloud SIEM Enterprise offering, which includes a rich set of capabilities to help security operations center (SOC) personnel identify and prioritize high fidelity threats and automate the analyst workflow allowing them to better manage real security events and effectively enforce security and compliance policies. The product also provides real-time insights and intelligence SOC teams can use to quickly identify evidence of compromise and improve their ability to respond quickly by understanding the impact of an attack.

RSAC location: South Expo Hall, Booth #252

Synopsys: Polaris Software Integrity Platform (Upgrade)
Synopsys

Synopsys: Polaris Software Integrity Platform (Upgrade)

Synopsys has announced a major upgrade to its Polaris Software Integrity Platform, designed to address the issue of coding from a variety of sources while maintaining security and integrity. It gives developers access to static application security testing (SAST) and software composition analysis (SCA) via the Code Sight IDE plug-in.

RSAC location: South Expo Hall, Booth S-1135

Unisys: Unisys Stealth 5.0

Unisys: Unisys Stealth 5.0

Unisys Stealth 5.0 is the latest version of Unisys’ award-winning security software which now provides protection for data and access in container and Kubernetes environments, aimed at improving data center security and securing new workloads. Stealth offers “always on” security and resilience, aimed at stopping even sponsored, sophisticated cyberattacks.

RSAC location: South Expo Hall, Booth #455

Unisys: Unisys TrustCheck Software-as-a-Service (SaaS) Platform

Unisys: Unisys TrustCheck Software-as-a-Service (SaaS) Platform

TrustCheck is a unique cyber risk management product that offers an innovative and effective method for evaluating and understanding financial exposure to cyber risk and making effective risk management decisions. TrustCheck leverages X-Analytics, a state-of-the-art cyber risk financial analytics.

RSAC location: South Expo Hall, Booth #455

White Ops: Application Integrity
White Ops

White Ops: Application Integrity

Application Integrity enables organizations to protect against sophisticated bot-based threats including account takeover, automated account creation and web scraping. It offers real-time prevention and takedown and multilayered detection methodology that incorporates technical evidence, machine learning, continuous adaptation of detection techniques, and threat intelligence.

RSAC location: South Expo Hall, Booth #2251

XM Cyber: XM Cyber for AWS
XM Cyber

XM Cyber: XM Cyber for AWS

XM Cyber for AWS is marketed as the first breach and attack simulation (BAS) product that can simulate attacks on AWS. The solution audits AWS configurations via AWS API and uses that information to calculate different attack vectors. By simulating attacks on an organization’s AWS infrastructure, it is possible to find misconfigurations leading to risks such as IAM privileges escalations, access token theft or leveraging of the Cloud Instance Metadata API to pivot across the cloud.

RSAC location: North Expo Hall, Booth #4218

Zero Networks: Zero Networks Access Orchestrator
Zero Networks

Zero Networks: Zero Networks Access Orchestrator

The Zero Networks Access Orchestrator automates the creation, enforcement and maintenance of least privilege network access policies for each user and device to enable for an airtight, zero trust security model at scale.  It monitors the network to understand how users and machines normally communicate and then, using a patent-pending method, autonomously creates policies that confine network access to only the resources needed; when new or rare connections are attempted, a self-service, two-factor authentication mechanism is used to ensure the access is legitimate before it is allowed.  

RSAC location: North Expo Hall, Booth #5358