Discover more from The Cybersecurity Pulse 🖥️
📡 Cybersecurity Innovation Pulse #1: Security Observability, Post-quantum Satellites, and Endless Product News
Covering Mar. 22 - Apr. 3
Welcome to the inaugural issue of Cybersecurity Innovation Pulse! I’ve decided to split the original newsletter into two, one focused on innovation and the other focused on the security market. This will allow me to deliver more targeted, in-depth content, ensuring you receive the most pertinent and captivating information tailored to the specific area you’re interested in. This pinpointed coverage of the industry will help you stay informed about market and product trends, implementations of cutting-edge technologies, and new security approaches reshaping how we secure things. If you’re not already subscribed, subscribe below to stay up-to-date on the latest developments!
Innovation in Security
The Rise of Security Observability
Security observability is making waves in the cybersecurity world, as key vendors enter the space, and articles like How Observability Has Changed in Recent Years and What's Coming Next and Using Observability to Power a Smarter Cybersecurity Strategy highlight its growing importance.
Security observability represents a breath of fresh air to the security industry and how organizations secure their applications and workloads. Security observability unlocks deep insights into system behavior by leveraging diverse data sources, such as logs, metrics, and traces, to spot vulnerabilities and threats more effectively. This includes having visibility into system performance, events and actions performed on a machine, and even the end-to-end path of specific user requests.
With the rise of AI, machine learning, and automation, it's now even easier to leverage these data sources to identify patterns and anomalies. This approach shifts cybersecurity from a reactive stance to a proactive one, allowing organizations to detect and respond to threats faster, minimize the impact of security incidents, and pave the way for continuous improvement, visibility, and system resilience. As the field continues to evolve, expect to see even more exciting innovations that will reshape the way we approach security.
If you’re interested in learning more about Security Observability, join DataDog for the upcoming Security Observability Day Webinar. The event will take place on April 18, 12PM to 1PM EST. For more details and to RSVP, click here.
Quantum Computing: The Next Frontier
While most of us are focused on the recent AI advancements, Quantum Computing has been gaining tons of momentum, and of course, with that comes security concerns. Some of these concerns are highlighted in this Tripwire article, Impact of Quantum Computing on Cybersecurity, which expands on how post-quantum cryptography (PQC) has emerged as a crucial defense against quantum threats, safeguarding data transmissions and protecting against "harvest now, decrypt later" (HNDL) attacks. The article also covers Quantum-as-a-Service (QaaS) and Quantum Key Distribution (QKD). In any case, organizations must adapt to the incoming security challenges.
Luckily, Accenture and QuSecure are already addressing this looming problem for communication from Earth to low-Earth orbit (LEO) satellites geosynchronous orbit (GEO) satellites. As we move closer to a quantum reality, it’ll be important to keep our organizations as prepared as possible while working together as an industry to secure our most critical infrastructure to prevent any kind of doomsday scenario.
If you’d like to learn more about security in the Quantum Computing age, check out this pretty neat IBM report which includes an action guide on Page 17 including actions you and your organization can take today to prepare.
The Latest Across Security Products
It’s no secret that Microsoft has been hard at work across the entire tech spectrum. so it should come as no surprise that they’ve recently unveiled Security Copilot. The solution gathers insights from several Microsoft services such as Microsoft Sentinel, Defender, and Intune to understand the environment’s security posture, whether they’re susceptible to attacks and to help identify any potential ongoing attacks. The solution also helps with remediation, threat detection, and response, and ultimately, helps make better-informed decisions faster. To watch Security Pilot in action, click here.
Microsoft also announced that their Incident Response Retainer is now generally available, offering proactive incident response services and expert assistance to mitigate security incidents quickly.
Lastly, Microsoft has also released a variety of updates to their Microsoft Defender for Cloud suite to include near-real time malware file scanning on Defender for Storage, an improved Azure security policy management experience, and their CSPM going GA.
Amazon GuardDuty is now supporting Amazon EKS runtime monitoring. This integration helps detect any unauthorized activities, potential vulnerabilities, or threats in Amazon EKS clusters. This continuous runtime monitoring uses a fully managed EKS add-on that adds visibility into individual container runtime activities, such as file access, process execution, and network connections. The solution has GA’d with over 30 detections.
Cybersecurity & Infrastructure Security Agency (CISA)
CISA releases The Untitled Goose Tool for Microsoft's cloud services, designed to detect malicious activity by identifying signs of compromise and providing actionable insights. This threat hunting and incident response tool can run investigations across Azure AD sign-in and audit logs, Defender alerts, Defender for Endpoint data, and much more. To learn more about the tool, click here, and to access the tool GitHub Repo, click here.
Monad recently announced its partnership and integration with Snyk via the Snyk Partner Solutions Directory. This will enable customers of both solutions to ingest Snyk security findings into a data warehouse and enrich them with other relevant data from the environment and other security tools.
MITRE rolls out a supply chain security prototype to help organizations mitigate risks associated with their supply chains by identifying vulnerabilities and suggesting countermeasures.
The company unveils an AI supercomputing cloud service. This service will allow customers to rent the capabilities of supercomputers. The same type of supercomputers that have been used to build ChatGPT and the like. I have to admit, this is pretty cool.
NoName Security has introduced enhancements to its API protection platform. These updates aim to help organizations secure their API ecosystem, offering advanced capabilities such as API discovery, risk assessment, and automated policy enforcement.
Obsidian Security has released a new security suite aimed at increasing SaaS security and compliance. The suite offers tools for user activity monitoring, risk assessment, and automated policy enforcement.
Orca Security has launched a GitHub app to enable DevSecOps, helping organizations integrate security into their development pipeline. The company has also integrated the MITRE ATT&CK framework into its platform, providing customers with comprehensive insights into potential cyber threats.
NTT has launched a cloud-native Managed Detection and Response (MDR) security service. The new service helps organizations detect and respond to cyber threats and offers comprehensive coverage across cloud, on-premise, and hybrid environments.
Elastic has expanded its cloud security capabilities for AWS, offering new features and integrations for the Elastic Security solution. The enhancements help organizations monitor and secure AWS workloads and resources more effectively.
Skyhawk Security has added ChatGPT functionality to its threat detection process. The integration enables improved threat detection capabilities by leveraging the AI technology.
ExtraHop and CrowdStrike
ExtraHop and CrowdStrike have teamed up for threat detection and response integration, combining their expertise to offer comprehensive security solutions for organizations.
Wiz announces a new Canadian data center deployment to expand its cloud security services in the region, offering customers greater data sovereignty and compliance options.
BlackBerry and Adobe
The two companies partner to create a mobile secure forms solution, combining BlackBerry's secure platform with Adobe's form creation capabilities to enhance data privacy and security in mobile forms.
The firm debuts Masked-AI, an open-source tool to help secure sensitive data of public APIs through artificial intelligence. Masked-AI currently masks sensitive info such as credit card and phone numbers, individual names, and more. To access the open-source tool’s GitHub Repo, click here.
Who’s protecting your protector? Guardz has launched a managed services offering for Managed Service Providers (MSPs) to help manage security operations more efficiently, providing expertise and resources to enhance their client's security posture.
Socura introduces Managed SASE (MSASE) service to secure the hybrid workforce and simplify network security management, offering a comprehensive solution for distributed networks and remote workforces.
Andddd that’s a wrap for our first issue of the Cybersecurity Innovation Pulse! If you have any feedback or questions, never hesitate to drop comment or reach out via LinkedIn. Subscribe and stay tuned for more!