Hottest new cybersecurity products at RSA Conference 2020

The RSA Conference, held in March in San Francisco, is one of the leading events for information security vendors to announce their new product offerings. Following are a few of the more interesting products being announced this year, based on information provided prior to the event. The products are listed in alphabetical order.

42Crunch claims to offer the most comprehensive API Security solution on the market, covering all phases of web API lifecycles: security audit during API design and development security testing and runtime protection. The platform used to be only available as a high-price product for large enterprises, but the company has re-architected the product and on Tuesday at the show are releasing the next generation that has self-signup and efficient free and low-price tiers.

RSAC location: The company will not have a specific booth at the show this year but will instead hold pre-arranged meetings and marketing activities with analysts (Gartner, Forrester, IDC, Aite, ESG, etc.), the media and partners.

The new Attivo Networks Endpoint Detection Net (EDN) offering is part of the Threat Defend portfolio and is designed to “ambush attackers at the endpoint.” The product’s enhanced capabilities enable organizations to detect threats across vectors, locking down the endpoint so that an attacker cannot move laterally using methods such as Active Directory recon, accessing credentials or mapped shares, discovering active ports or network assets, man-in-the-middle attacks, and exploration of lateral attack paths.

RSAC location: South Expo Hall, Booth #2127.

Cyber Armor empowers DevOps to seamlessly deploy natively zero-trust workloads across cloud-native, hybrid and multi-cloud environments. It aims to eliminate the friction between security and development by automating security and accelerating product delivery. Its identity-based zero-trust control plane assures only authenticated workloads run, communicate and access data and that integrity is kept from CI/CD to runtime.

RSAC location: South Expo Hall, booth #735F.  

Cyberint’s Managed Threat Hunting delivers proactive and continuous hunting for threats in the organization’s environment, searching for existing compromises, malicious activity, persistence or residuals from past breaches. The service leverages third-party endpoint technology and a security orchestration automation and response (SOAR) solution and is delivered by Cyberint’s cyber experts who analyze the data, enrich, do triage and respond with incident containment and ongoing
remediation.

RSAC location: North Expo Hall, booth #4425.

Devo Security Operations combines the capabilities typically found in SIEM software, threat intelligence platforms, case management solutions and user and entity behavior analytics (UEBA) products in a single solution with an integrated analyst workflow. Delivered on top of the Devo Data Analytics Platform, Devo Security Operations provides auto enrichment, threat intelligence, community collaboration, and a central evidence locker aimed at making analysts more effective in identifying and stopping threats.

RSAC location: South Expo Hall, booth #2339.

Devolutions Password Server is a Privileged Access Management (PAM) product. Devolutions created Password Server specifically for the needs of SMBs (companies with fewer than 1,000 employees). Password Server allows IT teams to control access to privileged accounts and manage remote sessions through a secure solution that can be deployed on-premises. The aim is to hopefully reduce the risks from insider threats and data breaches that often originate from credential misuse or compromise.

RSAC location: North Expo Hall, Booth #6381

Egnyte's next-generation content services platform delivers a unified approach to content governance, data privacy, compliance and workflow automation. The platform leverages machine learning and AI to give companies high levels of visibility and control over their content assets through a simple, turnkey solution. The platform also makes it easier to collaborate through content-rich workflows and to quickly access large files from remote locations.

RSAC location: South Expo Hall, Booth #3232

esCLOUD is eSentire’s new comprehensive portfolio of cybersecurity services that extends the company’s managed detection and response (MDR) capabilities and threat hunting expertise into modern cloud environments, including AWS, Microsoft Azure, Google Cloud Platform and Microsoft Office 365. esCLOUD constantly monitors customer cloud environments to detect improper configurations and vulnerabilities that could otherwise lead to data loss and compromise.

RSAC location: South Expo Hall, Booth #S-1453

The Essence SigmaDots platform offers a comprehensive security mesh, harnessing the power of distributed architecture to completely secure IoT devices. The product offers a fully embedded, distributed, and multi-layered approach. It is comprised of four pillars: on-the-edge dynamic firewall and anti-virus, distributed MQTT networking protocol-as-a-service, end-to-end encryption-as-a-service, and cloud-agnostic/on-premises platform for cyber events, operational monitoring and alerting.  These pillars can be implemented independently or as a complete solution.

RSAC location: South Expo Hall, Booth #735

SIE Batch: Security Information Exchange (SIE) is the company’s flagship security data sharing platform — it streams, in real-time, Farsight's own DNS intelligence solutions, such as the Newly Active Domains solution, as well as third-party real-time data that security professionals use to protect their organizations. SIE Batch is a new method for security professionals to more easily consume this real-time data. It is available as both a GUI (as you can see in the screenshot) and as an API. You must be a subscriber to one of Farsight's SIE real-time data feeds to use SIE Batch.

RSAC location: South Expo Hall, Booth #3338

Fidelis Elevate integrates network and cloud traffic analysis, endpoint detection and response and deception technologies. It features open threat intelligence feeds, cloud-based sandboxing and advanced malware analysis to automate threat detection, investigations and response. Fidelis enables real-time and retrospective metadata analysis for endpoint activity and network and cloud traffic, as well as automated scripts and playbooks for detection, investigation and response, with retroactive application of new indicators of compromise to historic metadata.

RSAC location: South Expo Hall, booth #1441.

Forescout 8.2 aims to accelerate the ability to identify all connected devices, compliance gaps and risks on a network, enabling organizations to act confidently and quickly to mitigate security exposures and reduce mean time to respond (MTTR) across their extended enterprise networks. This latest release also includes a new persona-centric user interface, deployment flexibility in public cloud environments, and network access control via direct integration with Arista infrastructure without the need for agents.

RSAC location: North Expo Hall, Booth #6179

FortiAI is marketed as a first-of-its-kind on-premises appliance that leverages self-learning deep neural networks (DNN) to speed threat remediation and handle time-consuming, manual security analyst tasks.

FortiAI’s Virtual Security Analyst embeds one of the industry’s most mature cybersecurity artificial intelligence directly into an organization’s network to deliver sub-second detection of advanced threats. 

RSA location: show: North Expo Hall, Booth #5855

Account Takeover Protection claims to be the first and only biometric-based solution that effectively identifies compromised accounts and blocks takeover attempts by validating users with their unique typing patterns. Administrators can automate responses to authorization failures by inserting a warning banner to the recipient, removing the message upon send, or simply logging the event for later analysis.

RSAC location: North Expo Hall, Booth #4214

With NATO Restricted Level certification, the IronKey D300 line of drives is available in Serialized and Serialized Managed models that feature an advanced level of security to safeguard sensitive information. FIPS 140-2 Level 3 certified, with 256-bit AES hardware-based encryption in XTS mode with fast data transfers that use the latest in NAND Flash and controller technology these drives aid in setting security standards, corporate policies and data loss protection best practices. The drive uses digitally signed firmware, making it immune to BadUSB, and it enforces complex password protection with minimum characteristics to prevent unauthorized access.

RSAC location: North Expo Hall, booth #4509.

Applying principles of continuous compromise assessment, LUMU has built a powerful closed-loop, self-learning solution that helps security teams accelerate compromise detection and gain real-time visibility across their infrastructure. Its cloud-based solution does this by collecting and standardizing metadata from across the network and applying artificial intelligence to correlate threat intelligence from these disparate data sources to isolate confirmed points of compromise.

RSAC location: North Expo Hall, Booth #4315

ManageEngine, the IT management division of Zoho Corporation, is announcing the launch of Access Manager Plus, a privileged session management solution for enterprises. With features like jump box support, session recording and live monitoring, the solution enables security administrators to facilitate and govern remote sessions that provide users with privileged access to critical business systems

RSAC location: South Expo Hall, Booth #2051

Cloud Data Loss Prevention (DLP) is marketed as the world’s first DLP solution powered by an Isolation Core, which monitors and prevents data exfiltration by users. By working with isolation and cloud proxy technologies, Cloud DLP identifies and tags specific data types deemed sensitive according to file type, regular expressions or set data-type libraries.

RSAC location: North Expo Hall, booth #6370.

The new NCP Authenticator App is available for mobile devices as a free download in the Apple Store and the Google Play Store. With the NCP Secure Enterprise Management Server, a time-based one-time password (generated with NCP Authenticator App) can be used as an alternative to NCP Advanced Authentication (via SMS) as a second factor.

RSAC location: South Expo Hall, Booth #3133

Netsurion is announcing the integration of the MITRE ATT&CK framework with the upcoming 9.3 release of its co-managed SIEM, EventTracker. The framework allows defenders to identify relationships between individual observations and known campaigns or threat actors, making it possible to block those tactics and enable a more effective defense.

RSAC location: South Expo Hall, Booth #241

OdoAccess is marketed as a simple to configure and deploy, secure and centralized platform that enables security teams to manage web, SSH, RDP and database access across hybrid-cloud and on-premises infrastructures, without the need for VPNs.  OdoAccess features a powerful SaaS management interface and highly granular comprehensive privileged access control to support remote corporate users, outside contractors and other third-parties.

RSAC location: South Expo Hall, Booth #735K.

Chainkit is a tool for detecting adversarial anti-forensic tampering techniques that attackers use to evade detection and prolong dwell times inside a system. Chainkit offers scalable defense for data and systems down to individual lines of code by using distributed ledger-agnostic cryptographic math to create chains of custody comprised of thousands of globally distributed nodes under separate domains of control. This aims to make compromise exponentially more expensive and impractical for attackers than the typical single node attack.

RSAC location: InterContinental (Sky Lounge on the 31st Floor), 888 Howard St, San Francisco

Perimeter 81, through an ongoing partnership with SonicWall, is announcing their Secure Access Service Edge (SASE) Platform. SASE is a cloud-native architecture model that supports dynamic secure access to organizational assets by combining multiple network technologies delivered as a service, including Secure Web Gateway, Cloud Access Security Broker, Firewall-as-a-Service (FWaaS) and Zero Touch Network Access with WAN capabilities (i.e., SDWANaaS).

RSAC location: South Expo Hall, Booth #1365

Privitar has announced the latest release of the Privitar Data Privacy Platform. The solution adds several enterprise-ready capabilities including native HIVE support and enhanced Kerberos and AWS support, giving global organizations the opportunity to dramatically improve data utilization while protecting customer sensitive data.

RSAC location: South Expo Hall, Booth #2432

ProcessUnity VRM Best Practices Configuration is a pre-configured third-party risk management program with turn-key workflows, assessments, calculations, risk analysis and reporting. Developed by subject matter experts and perfected via hundreds of successful customer implementations, this new product aims to deliver a complete “out-of-the-box” program with a high-quality, systematic and repeatable assessment process for organizations of all sizes.

RSAC location: North Expo Hall, Booth #4609

Randori says it is launching the first attack platform that continuously attacks companies with the same techniques nation-state hackers and criminal adversaries employ. Combining hacker logic with automated surveillance, exploitation and attack tooling in a scalable platform — the Randori Attack Platform performs everything from reconnaissance to exfiltration. Unlike a simulation, which replays historical attacks inside artificial boundaries, Randori provides customers the ability to safely launch real-world attacks against their production assets. 

RSAC location: North Expo Hall, booth #4136

ReversingLabs Titanium Platform is marketed as the first threat intelligence platform with explainable machine learning. With new and enhanced capabilities including new machine learning algorithm models, explainable classification and out-of-the-box security information and event management (SIEM) plug-ins, security, orchestration, automation and response (SOAR) playbooks, and MITRE ATT&CK Framework support, Titanium aims to deliver explainable insights and verification that better support humans in the incident response decision making process.

RSAC location: South Expo Hall, Booth #3311

Version 6.2 of SaltStack Enterprise, SaltStack Protect and SaltStack Comply introduces several new integrations and capabilities to help users enforce comprehensive cyber hygiene across crucial digital infrastructure.  SaltStack Protect integrates infrastructure automation and configuration management with the Tenable.io vulnerability management solution for closed-loop vulnerability remediation. SaltStack Comply now includes CIS-certified content for Windows Server 2012 and Windows Server 2019, and SaltStack Enterprise integrates with Splunk for event-driven automaton and monitoring.

RSAC location: Booth #3129 between the North and South expo halls 

Sectigo Web Security Platform provides an all-in-one solution for monitoring, alerting, remediating and patching vulnerabilities found in commonly used content managemet systems such as WordPress, Drupal, Joomla, Magento, WooCommerce, and PrestaShop. The platform detects, removes, and remediates any malware found within the code, database or as files on the server. The platform also offers daily website backups and increased speed and SEO results for the website when utilizing Sectigo’s content delivery network and web application firewall.

RSAC location: South Expo Hall, booth #2327.

Secureworks’ new Cloud Configuration Review service brings together decades of Secureworks’ security consulting SecOps experience with the innovative VMware Secure State, a public cloud security and compliance monitoring platform. The end goal of this service is to deliver an accurate assessment of a customer’s current cloud security posture, critical risks, and actionable steps to advance their security and business objectives.

RSAC location: North Expo Hall, Booth #4437

CyberFlood Data Breach Assessment evaluates the ability of an organization’s security infrastructure to detect active attackers and vulnerabilities. It provides endpoint evaluation of evasion techniques and encrypted attacks to distinguish real traffic and activities that are otherwise indistinguishable from an attacker’s live efforts. CyberFlood DBA will support a wide range of industry frameworks including Mitre ATT&CK and the NetSecOPEN Test Suite.

RSAC location: North Expo Hall, booth #5579.

Sumo Logic is announcing the availability of their new Cloud SIEM Enterprise offering, which includes a rich set of capabilities to help security operations center (SOC) personnel identify and prioritize high fidelity threats and automate the analyst workflow allowing them to better manage real security events and effectively enforce security and compliance policies. The product also provides real-time insights and intelligence SOC teams can use to quickly identify evidence of compromise and improve their ability to respond quickly by understanding the impact of an attack.

RSAC location: South Expo Hall, Booth #252

Synopsys has announced a major upgrade to its Polaris Software Integrity Platform, designed to address the issue of coding from a variety of sources while maintaining security and integrity. It gives developers access to static application security testing (SAST) and software composition analysis (SCA) via the Code Sight IDE plug-in.

RSAC location: South Expo Hall, Booth S-1135

Unisys Stealth 5.0 is the latest version of Unisys’ award-winning security software which now provides protection for data and access in container and Kubernetes environments, aimed at improving data center security and securing new workloads. Stealth offers “always on” security and resilience, aimed at stopping even sponsored, sophisticated cyberattacks.

RSAC location: South Expo Hall, Booth #455

TrustCheck is a unique cyber risk management product that offers an innovative and effective method for evaluating and understanding financial exposure to cyber risk and making effective risk management decisions. TrustCheck leverages X-Analytics, a state-of-the-art cyber risk financial analytics.

RSAC location: South Expo Hall, Booth #455

Application Integrity enables organizations to protect against sophisticated bot-based threats including account takeover, automated account creation and web scraping. It offers real-time prevention and takedown and multilayered detection methodology that incorporates technical evidence, machine learning, continuous adaptation of detection techniques, and threat intelligence.

RSAC location: South Expo Hall, Booth #2251

XM Cyber for AWS is marketed as the first breach and attack simulation (BAS) product that can simulate attacks on AWS. The solution audits AWS configurations via AWS API and uses that information to calculate different attack vectors. By simulating attacks on an organization’s AWS infrastructure, it is possible to find misconfigurations leading to risks such as IAM privileges escalations, access token theft or leveraging of the Cloud Instance Metadata API to pivot across the cloud.

RSAC location: North Expo Hall, Booth #4218

The Zero Networks Access Orchestrator automates the creation, enforcement and maintenance of least privilege network access policies for each user and device to enable for an airtight, zero trust security model at scale.  It monitors the network to understand how users and machines normally communicate and then, using a patent-pending method, autonomously creates policies that confine network access to only the resources needed; when new or rare connections are attempted, a self-service, two-factor authentication mechanism is used to ensure the access is legitimate before it is allowed.  

RSAC location: North Expo Hall, Booth #5358