Hottest cybersecurity products at RSA 2018
The RSA Conference has become a key venue for cybersecurity vendors to announce new products. Here are a few of the most interesting new tools being shown there.

RSA Conference kicks off
Visitors to RSA, the world's largest security conference held in San Francisco in April, can hear about the latest strategies for fighting cyberattacks. They can also check out the exhibition areas, where they can see the latest hardware and software to protect their valuable corporate assets. Here's a quick run-down of some of the new products announced at the conference or shown there for the first time.
Cybersecurity Asset Management Platform
Key features: Gives you a comprehensive view of all devices on your network using an extensible plugin system to gather data from the security and management tools you already have, including identity and authentication systems, NAC, firewalls, vulnerability scanners, switches, SIEM, EDR, and more.
Axonius
beSOURCE
Key features: beSOURCE is a static application security testing tool that aims to educate developers about the problems it finds. It's built on a compiler-free inspection engine and works with several programming languages. The first release is a stand-alone tool for individual developers; future versions will support enterprise and cloud deployments.
Beyond Security
HaXM
Key features: HaXM is an advanced persistent threat (APT) simulation platform that automatically attacks your network and then reports on how any vulnerabilities discovered can be remediated. It can be run on premises or from the cloud.
Redback
Key features: SIEMonster's Redback security monitoring appliance will keep tabs on the internet of things in your home or small office, sending alerts of hacking attempts or available firmware updates to your smartphone. Redback will run Cog Systems' D4 Secure platform to encrypt storage, harden the OS and secure its VPN link to the SIEMonster cloud.
SIEMonster and Cog Systems
Kenna Application Risk Module
Key features: The Kenna Application Risk Module combines information from static and dynamic application security tests, bug bounties and exploit intelligence to score risks by application and by vulnerability. Part of the Kenna Security Platform.
Kenna Security
Starlight
Key features: Aella Data reckons its Starlight pervasive breach detection system can detect a breach within minutes, rather than days. Its network telemetry captures information from layers 4 through 7, allowing it to identify session duration and the applications used.
Aella Data
ORION 2.0
Key features: This agentless software suite provides remote-access capabilities for global defensive network operations and live threat analysis. Version 2.0 improves scalability and performance, and adds a new dashboard with customizable analytics and a new API for integration with existing endpoint monitoring and SIEM (security information and event management) products.
root9B
Secdo Alert Correlation
Key features: The causality analysis tool collects streams of data from all corporate endpoints, analyzing them in real time to highlight how threats enter the network. If several streams match threat patterns, the system presents them in order of danger. Alert correlation is part of Secdo's endpoint security and incident response platform.
Secdo
FireMon Global Policy Controller
Key features: Enforces global policy by automatically performing compliance checks before applications or assets are pushed onto the network. Can translate business intent into specific security rules, offering self-service security to devops and other application owners. Allows fine segmentation of policies and adapts to network changes.
FireMon
ForeScout CounterACT
Key features: CounterACT is an agentless device visibility platform. It can auto-classify enterprise devices based on crowd-sourced information on over 3 million different device types. Version 8 of CounterACT now supports up to 2 million devices in a single enterprise manager.
ForeScout
Fidelis Elevate
Key features: Fidelis Elevate has been upgraded. Its deception module now extends to the cloud, using active decoys that mimic critical assets to lure attackers away from real assets. On the network, its retroactive detection of newly found indicators of compromise has been augmented with a sandbox analysis report of the object found. The endpoint module now presents analysts with event details on a timeline to provide context.
Fidelis Cybersecurity
OTX Endpoint Threat Hunter
Key features: This threat-scanning service is available free to any registered user of Open Threat Exchange. Based on over 19 million indicators of compromise contributed to the exchange by its 80,000 participants, it allows security staff to hunt for threats on critical servers without recourse to other products. The AlienVault agent runs on Windows and Linux hosts and endpoint devices.
AlienVault
Arxan Threat Analytics
Key features: This threat alerting service, available to Arxan Application Protection customers, allows apps to phone home to report their status. Knowing when their apps are under attack, or running in a risky environment such as on a jailbroken device, allows businesses to take appropriate countermeasures. Arxan compiles the threat data anonymously to provide customers with details of attack trends.
Arxan Technologies
SecureData@Optiv
Key features: A reference architecture for deploying a secure data lake, SecureData@Optiv can be used to run analytics for security functions including situational awareness dashboards, incident detection and response, vulnerability scanning, compliance and e-discovery. It is built on open source and big data platforms including Elastic, Splunk, Phantom Cyber and Streamsets.
Optiv Security
Meta NaaS
Key features: Meta NaaS provides a worldwide virtual overlay network with a global backbone, routing and securing traffic inside a software-defined perimeter according to identity-based policies. Auditing and analytics tools support anomaly detection and compliance.
Meta Networks
CrowdStrike Real Time Response
Key features: A new feature added to Falcon Insight, Real Time Response is designed to help customers contain compromised systems remotely so they can investigate and eradicate threats.
CrowdStrike
SonicWall Capture Cloud Platform
Key features: SonicWall Capture Client now features advanced endpoint security and rollback capabilities. Other elements of the Capture cloud platform have been enhanced: Capture Security Center now offers customer-specific visibility and device management, while Capture ATP customers benefit from protection from memory-based attacks thanks to deep memory inspection capabilities.
SonicWall
GuardiCore Centra Security Platform
Key features: Centra Security Platform offers containerized workload protection for the data center. With it, IT security teams can see every container, pod and service, visualize their communication flows, and secure them with micro-segmentation policies. It can detect threats within individual containers and quarantine them.
Guardicore
GDPR Data Risk and Endpoint Readiness Assessments
Key features: Absolute can deliver its no-cost Data Risk assessment for smaller organizations seeking compliance with the European Union's General Data Protection Regulation (GDPR) in around a month; the more painstaking Endpoint Readiness Assessment takes around six weeks, and its cost varies with the number of endpoints assessed. It covers visibility into data and devices, effectiveness of key security tools, and the timeliness of incident response.
Absolute Software
Jazz Platform
Key features: A tool for preventing data loss and insider attacks, Jazz Platform takes a machine learning approach to identifying unusual behavior rapidly and blocking it or seeking verification and approval in real time. It has been trained on large datasets, but continues to learn from your staff.
Jazz Networks
DDoS Hybrid Defender
Key features: F5 Networks' updated DDoS Hybrid Defender combines an on-premises appliance with a cloud-based scrubbing service that can handle the overflow from exceptionally large attacks. The appliance works at the network and application layers, spotting application-level attacks that are hurting performance and developing custom mitigation signatures automatically.
F5 Networks
NetProtect and SiteProtect NG
Key features: These two systems defend against DDoS attacks in different ways. NetProtect sits in the data center (it's deployed in 61 already) and offers support beyond basic proxy and VPN services. It requires no additional software or hardware to transfer data across networks, and so avoids opening additional avenues of attack. SiteProtect NG mitigates web application attacks.
Neustar
Copyright © 2018 IDG Communications, Inc.