📡 Cybersecurity Innovation Pulse #24: Cisco for World Domination💰; MSFT Exposes 38TB of AI Data; Semgrep Secrets; Sec Automation Market Booming; and Tons of Security Product News
Covering Sept. 14th - 21st
Welcome to Issue 24 of the Cybersecurity Innovation Pulse! I'm Darwin Salazar, your compass to the dynamic world of cybersecurity innovation. Each week, I deliver the latest on product debuts, groundbreaking innovations, strategic collaborations, and other developments at the intersection of innovation and cybersecurity. Digging these updates? Subscribe and get the intel delivered straight to your digital doorstep, ensuring you're always in the loop 🚀
Intro
After a much-needed three-month break, I've landed a great role at Monad, spearheading product growth. It's a bit of a pivot from my time being knee-deep in cloud security and detection engineering, but it’s kind of a dream role that’ll allow me to pull from everything I’ve learned so far while contributing to our data-driven future.
Rest assured, your Thursday dose of cybersecurity innovation news isn't going anywhere. I'm gearing up to bring you even deeper dives (similar to this one on AI in Security Products) and more of my own 🌶️ takes on where our industry is headed.
Now, let’s jump into all the fun, innovative stuff that transpired in our industry over the past week! 👾
🗞️Top Stories 🗞️
Cisco to Acquire Splunk for $28B
This was not on my bingo card for 2023, but Cisco has been gobbling up companies over the past year, with recent notable acquisitions like Lightspin (CNAPP) and Oort (Identity Detection and Response).
This uniquely positions Cisco as the only vendor with a SIEM, CNAPP, XDR, ASM, WAF, Email Security… you get the point. It seems like Cisco’s strategy here is to become a one-stop shop for all things security through acquisitions. Hopefully, their capability to consolidate solutions and merge code bases to create a pleasant user experience fares better than their competitors🤗. This will be an interesting HBS case study in 8-10 years.
Source: Cisco
Wiz Uncovers Exposure of 38TB of Private Data from Microsoft AI Research
Microsoft had a bit of a whoopsie, unintentionally exposing 38TB of private AI data on GitHub, thanks to an overly permissive SAS token. Wiz, which discovered the exposure, pointed out that this wasn't just random files; think passwords, secrets, and a stash of 30,000 internal Teams chats. I would add my take on this, but Microsoft has had a pretty rough year, so I’ll move on to the next.
Source: The Hacker News
OpenAI Opens Applications For Its Red Teaming Network
OpenAI announced that it’s taking applications for its red teaming network, which aims to build safer Artificial General Intelligence (AGI) by finding system flaws before attackers do. They’re looking for experts from a variety of fields including anthropology, finance, security, and even chemistry. Technical ability is not a hard requirement. Applications are open until Dec. 1st. Accepted members will be compensated. This is a pretty cool opportunity. I applied 👨🏼‍🚀
Source: OpenAI
Security Automation Market to Reach $16.7B by 2028
The security automation market is on a trajectory to reach $16.7B by 2028 from $8.9B in 2023 at a CAGR of 13.4%, according to Digital Journal. AI and ML will certainly play a pivotal role in the growth of this security sector.
The report predicts that SOAR will continue to account for the largest share of the pie while predictive analytic tools will have the highest CAGR during the forecasted period.
Source: Digital Journal
Palo Alto Networks Closing in on Talon for $600M
Palo Alto Networks is in the advanced stages of negotiations to acquire the secure browser firm Talon for $600 million. This move comes as part of Palo Alto's aggressive expansion strategy, which has seen them acquiring several companies (e.g., Cider Security, Apiiro) to bolster their cybersecurity offerings. The acquisition of Talon, a company renowned for its high-fidelity web isolation technology and 2022 RSA Innovation Sandbox winner, would enhance Palo Alto's ability to secure web browsers against cyber-attacks. This deal underscores the growing emphasis on securing browser environments as they become a critical point of vulnerability with the increasing reliance on web-based applications in the corporate world.
Source: GovInfoSecurity
🛰️Security Product Innovation 🛰️
Monad Launches Self-Serve Version Free of Cost for Up to 1M Rows
Monad has recently released Monad Basic, which allows users to ELT (extract, load, and transform) data from a variety of security solutions into a unified schema, be it the Monad Object Model, OCSF, or a custom schema. The self-serve version is free for up to 1 million rows, and the data can be loaded into an S3 bucket, Databricks, Snowflake, Amazon Security Lake, or other places where you put your security data. For teams considering adopting a more data-driven security approach by building a security data lake or more advanced use cases like ML-powered predictive analytics, Monad aims to take on the data wrangling required to get your data neatly in one place.
Source: Monad
ExtraHop Shares Machine Learning Dataset
ExtraHop recently released a vast 16 million-row dataset intended primarily for DGA (Domain Generation Algorithm) detection research, a critical component in neutralizing Botnet C&C networks. Their commitment to sharing stems from the belief that open data not only enhances the global research community's effectiveness but also invites further collaboration and transparency. As we move into a more data-driven world due to AI/ML, I feel that large vendors and cloud providers should publish more security-focused datasets so that we, as a community, can continue to refine our tools and approach.
Source: MSSP Alert
Semgrep Secrets
Semgrep has rolled out Semgrep Secrets, a tool designed to pinpoint sensitive credentials within code. Distinguishing itself from traditional secret scanners, it employs semantic and entropy analysis for a deeper understanding of how different secret types are passed in code, ensuring more comprehensive coverage. The solution also performs a reachability assessment to validate whether the secret is still active or not. The solution is now in Private Beta, so it might be some time before it hits GA.
Source: Semgrep
Wiz and Microsoft Sentinel Join Forces
Wiz is collaborating with Microsoft Sentinel to help enhance security visibility for mutual customers. The partnership will enable users to ingest Wiz findings into Sentinel to correlate with Azure logs, visualize key security metrics, and help enhance automated remediation workflow capabilities.
Source: Wiz Blog
SentinelOne Unveils New Digital Forensics Product, RemoteOps
SentinelOne has released a new digital forensics product that allows teams to automate the collection of forensic evidence and helps add context to threat investigations through enrichment. The details of how the RemoteOps solution works are pretty cool. More details in the link below.
Source: MSSP Alert
OpenTofu: The New Name in the Linux Foundation
The Terraform fork has been rebranded from OpenTF to OpenTofu and has officially joined the Linux Foundation. This move is expected to foster greater community engagement and collaboration due to the Linux Foundation’s stamp of approval. OpenTofu aims to be an open-source, community-driven project, the way that Terraform was originally intended to be used.
Source: TechCrunch
Fairly AI Aims to Demystify AI Risks for Companies
Fairly AI has set out to help companies better comprehend the risks associated with AI technologies. The startup offers a platform that aids businesses in understanding and managing the potential pitfalls and compliance requirements tied to building out AI apps. According to Stanford’s 2023 AI Index, 37 new AI-related bills were introduced in 2022. That number will surely continue to climb, posing a challenge to orgs looking to build AI apps and products.
Source: TechCrunch
DiG Security Upgrades DSPM Platform
DiG Security has updated its Data Security and Privacy Management (DSPM) and data detection and response (DDR) capabilities to cover Office365 and on-premises file share environments.
Source: Dark Reading
SecurityScorecard and Measured Insurance Aim to Reduce Cyber Premiums
In a collaborative effort to modernize and lower cyber insurance premiums, SecurityScorecard and Measured Insurance have announced a partnership. The partnership will leverage SecurityScorecard's security ratings to help offer more favorable insurance terms to companies with strong cybersecurity postures. SecurityScorecard is hated by some, loved by few, but in a world where security is under the microscope 24/7, having a rating that is benchmarked against thousands of other orgs does help light a fire under folks' arses and may even help with budget increases. SecurityScorecard = big brain.
Source: MSSP Alert
Oracle Boosts Identity Management with New Features
Oracle is enhancing its identity management offerings, introducing features that allow customers to bring and manage their own encryption keys. This upgrade is designed to give users more control and security over their data. Oracle also mentioned that the updates will provide more granular logging on its Oracle Access Governance solution.
Source: SiliconANGLE
What Else I Read/Listened To This Week 🤓
AI Attacks and LLM: Security Matters - Nathan Hamiel, PSW #799 - SecurityWeekly
Expensive Investigations Drive Surging Data Breach Costs - BleepingComputer
The Interdependence between Automated Threat Intelligence Collection and Humans - HackerNews
Conclusion
That's all for this week, team! I hope you found this issue insightful. Remember, your feedback shapes the future of this newsletter, so drop me a line on what resonated with you or what you'd like to see more of. If you believe others can benefit from these insights, share the love and encourage them to subscribe. Every week, I dive deep into a sea of headlines to curate the most pivotal stories in cybersecurity innovation just for you. Your continued support is a testament to the value this brings. Catch you in the next issue!