📡 Cybersecurity Innovation Pulse #36: LLMs for AppSec; White House OS3I; MTTD/R; Aim + Oasis Security; and More!
Covering Jan. 25th - Feb. 1st
Welcome to Issue 36 of the Cybersecurity Innovation Pulse! I'm Darwin Salazar, Product Manager at Monad and a former Detection Engineer. Each week, I distill the latest and most exciting developments + trends in cybersecurity innovation into digestible, bite-sized updates. If you’re serious about staying at the forefront of the latest in the cybersecurity industry, make sure to hit the “Subscribe” button below to get my insights delivered straight to your inbox every week 📩 🚀
If you’re a TCP subscriber, you’ve probably watched + love The Matrix (1999). Same here. Something super nostalgic and inspiring about it. Anyways, I watched it in theaters this past weekend which inspired the art piece above. This is also a nudge to unplug and be present this weekend.
Before then though, let’s dig into this week in cybersecurity innovation!
Industry🛰
First Sighting of Quantum Threats in Govt. Mandate
The Digital Operational Resilience Act (DORA) mandates EU financial entities to enhance operational resilience against “cryptographic threats, including those from quantum advancements” by January 17, 2025.
This means taking actions like those spelled out in the NIST, CISA, NSA Quantum-Readiness guidance.
Source: Security Intelligence
Whitehouse’s Open-Source Software Security Report
In 2022, the Open-Source Software Security Initiative (OS3I) was established to help secure the OSS ecosystem. The OS3I group just released their 2023 year-end report which highlights some of their accomplishments including:
Continuing to get buy in on a single federal voice for OS3 with the CIO of the OMB Office jumping on board of the OS3I initiative.
Tl;dr - After Log4Shell, the U.S. Govt. realized how crucial securing OSS is and they’re investing significantly to add structure and security to the space.
Source: The White House
AI Safety Transparency Initiative
The Biden administration will soon be implementing a policy that requires AI companies to report their safety test outcomes to the U.S. government. The admin wants to ensure that before anything is released to the public, that it meets a bar.
Source: SecurityWeek
Product🛸
Aim Security Emerges From Stealth To Tackle GenAI Security
Aim Security emerges from stealth with a $10M seed round led by YL Ventures. The startup tackles shadow AI and aims to be a one-stop shop GenAI security platform.
If that sounds familiar, it’s because last week we covered Prompt Security which also aims to be the one-stop shop for all things GenAI Security! How long until one of these gets snapped up by Palo Alto? 👀
Source: SecurityWeek
p0’s Use of LLMs for AppSec
p0, not to be confused with p0 security (IAM Player), emerges from stealth with a $6.5M seed round led by Lightspeed Ventures and joined by Alchemy Ventures.
The startup leverages open-source LLMs like Mistral and LLaMa to identify critical security and safety issues in code. This TechCrunch article goes a bit more in-depth on how they’re doing this in practice.
Pretty neat.
Source: TechCrunch
ConductorOne (C1) Unveils Access Fabric
C1 has launched Access Fabric which is essentially a mesh of your identity insights layered with security capabilities. Given C1s robust suite of integrations, this identity mesh becomes very powerful, aiming to give a 360 view of your IAM ecosystem. This is the path we should be adopting for all security domains.
Source: ConductorOne
Nozomi Teases Guardian Air for OT/IoT Security
Nozomi Networks teases ‘Guardian Air’, a wireless security sensor for operational technology (OT) and IoT. It can monitor frequencies for Bluetooth, cellular, Wi-Fi, Zigbee, LoRaWAN, WirelessHART, and drone RF protocols. Guardian Air reports back to Nozomi’s cloud platform where they will leverage “AI-powered analysis” to detect threats.
The OT/IoT space is critical for national security so it’s great to see this space continuing to mature and innovate.
Source: SecurityWeek
Venafi Launches ‘Stop Unauthorized Code’ Feature
Venafi, a player in the machine identity security space, has launched its ‘Stop Unauthorized Code’ feature to prevent unauthorized code execution with a focus on non-human identities (NHIs).
Securing NHIs is a huge pain in the ass and a cumbersome task to tackle. It’s a huge reason for the resurgence of focus on IAM.
Source: Forbes
Oasis Security Emerges From Stealth To Tackle Non-human Identities
Speaking of the importance of NHIs… Oasis Security emerges from stealth w/ $40M ( 🤑 ) seed. Led by Cyberstarts and joined by Sequoia Capital, Accel and Maple Capital. Founded by 2 IDF vets with a focus on NHIs.
The startup takes an inventorying → posture assessment → enrichment/context → remediation (plans) → NHI lifecycle monitoring approach to the problem.
Source: TechCrunch
Tradecraft🤺
Chinese Hackers' Exploiting Ivanti VPN Flaws
Chinese nation-states actors have been exploiting a few zero days in Ivanti Connect Secure VPNs to install KrustyLoader. Some of this activity has been seen as early as December 2023. Ivanti finally released patches earlier this week… 3+ weeks after it was publicly stated that these 0days were being exploited in the wild. Sadly, they also found another flaw in the process. Security is not easy.
Ivanti has 40K+ customers including ConAir, GNC, and Foxwoods Resort Casino.
If you use Ivanti or know someone who does, tell them to patch their stuff.
Source: TheHackerNews + TechCrunch
AI Attacks Demystified
The folks at IBM and Security Intelligence have put together a post that covers key GenAI and LLM attacks. It covers prompt injection, data poisoning, model evasion etc. in plain english. Pretty neat and worth checking out.
Source: Security Intelligence
Extras
US National Security Agency buys web browsing data without warrant, letter shows - Reuters
CISO Corner: Deep Dive Into SecOps, Insurance, & CISOs' Evolving Role - DarkReading
Speed Matters: The Crucial Role of MTTD and MTTR in Cybersecurity - Intezer
Bye For Now!
Nos vemos la próxima semana! 🚀