📡 Cybersecurity Innovation Pulse #38: Nancy Pelosi Bets $1M on Platformization; AI/ML Bill of Materials?; Weaponized LLMs; Metrics FTW and More!
Covering Feb. 15th - 26th
Welcome to Issue 38 of the Cybersecurity Innovation Pulse! I'm Darwin Salazar, Product Manager at Monad and a former Detection Engineer. Each week, I distill the latest and most exciting developments in cybersecurity innovation into digestible, bite-sized updates.
Industry🛰
Platformization v. Best-of-Breed Throwdown 🥊
Lots of spicy takes on this one after Palo Alto Networks’ (PANW) Q2Y24 earnings call last week. Though PANW had a strong quarter, beating analysts’ expectations, the stock took a tumble of ~28% (🤯) on the following trading day. This was due to their CEO, Nikesh Arora, highlighting that they’ll be taking a unified platform GTM approach, aiming to become the one-stop shop for all of their customers’ security needs. This new approach comes with strategic shifts that Wall St. analysts did not like, such as offering free services until incumbents’ contracts expire.
I made a post highlighting that the stock was overbought at the time of the earnings call and that more mature security teams will always prefer a best-of-breed approach. Many others in the industry chimed in and dogpiled on PANW, while some came to their defense.
All of this pressure led Nikesh to address the mob on LinkedIn. He even replied to many of the comments lol. Spicy stuff for sure. In my opinion, and this is not financial advice, the stock recovers and PANW deploys their army of tens of thousands of GTM, sales, and channel partners (i.e., Accenture, Deloitte) to sell the platformization story. Meanwhile, the number of organizations that go with a best-of-breed approach will also continue to grow.
AKA nothing changes. There will always be startups and incumbents that have better solutions and coverage than PANW and many security teams will procure their solutions. And at this point, especially after all the acquisitions, it seems like PANW will always have the widest encompassing platforms. There’s more than enough room for both ideologies to win out.
A few side notes:
As of 2/27, in pre-market trading, PANW stock is up ~20% since it reported earnings. $262 → $317 per share.
Nancy Pelosi discloses that she’s acquired nearly $1M in call options on PANW.
Seems like Nikesh was lurking on my LinkedIn post. Hi Nikesh! 👋
ProtectAI’s February Vulnerability Report
This month’s vuln report from ProtectAI includes 8 vulns. They range from arbitrary file writes to remote code execution. There’s one with a 9.8 CVSS score found in MLflow, which has been patched. ProtectAI has been calling for a specialized AI/ML Bill of Materials (BOM) to address the specific risks associated with AI development, beyond traditional software and product BOMs.
Side Note: ProtectAI is an attractive acquisition target for PANW, imo.
Source: SecurityWeek + ProtectAI
Insights from Crowdstrike’s 2024 Threat Report
Crowdstrike recently released its 2024 Global Threat Report. Below are some key findings:
110% Year over Year (YoY) increase in “cloud-conscious cases” + 75% increase in cloud intrusions.
Cloud-conscious = Refers to threat actors who are aware of the ability to compromise cloud workloads and use this knowledge to abuse features unique to the cloud for their own purposes.
Threat campaigns like Scattered Spider are leveraging GenAI to carry out more sophisticated attacks.
Identity-based and social engineering attacks continue to surge, targeting account credentials, API keys + secrets, Kerberos and more.
The 61-page report goes in-depth on all of this, including ongoing cyber warfare, emerging threat actors, and more. Of course, as a vendor, Crowdstrike has a biased PoV on some of these findings, but it's still an insightful report to read over.
Source: Crowdstrike
Product🛸
SeeMetrics Unveils Cybersecurity Governance Boards
SeeMetrics recently introduced a set of security governance boards designed to equip security leaders with effective oversight capabilities and metrics. This comes on the heels of the newly published NIST CSF 2.0 framework, which introduces the “Govern” pillar.
It’s great to see the security metrics space getting more attention. This is a space that’s lacking, yet it has much potential to help security leaders objectively showcase program effectiveness to their non-security counterparts.
Source: SeeMetrics
Cycode Adds GenAI Capabilities
Cycode recently introduced GenAI into its Risk Intelligence Graph to enhance their ASPM offering. Natural Language Processing (NLP) query capabilities are integrated across all modules in their ASPM. They’ve also recently added an “Executive Dashboard” view, which is in line with SeeMetrics’ approach in the previous story. This seems to be a growing security product trend 🔥
Source: Cycode
Prowler Raises $6M From Decibel VC
Prowler is a security community favorite open-source cloud security solution with over 6 million downloads and almost 10K stars on GitHub. It recently raised $6M from Decibel, which highlights the fact that many security teams prefer open-source tooling due to its transparency and flexibility, among other things.
Source: VentureBeat
1Password To Acquire Kolide For Undisclosed Amount
Great Pickup by 1Password!
Source: TechCrunch
BigID Adds New Access Governance Capabilities
BigID has introduced new access governance capabilities to their data security solution, which focuses on remedying overexposed sensitive data and over-privileged users across cloud and on-prem environments.
Source: SiliconANGLE
ReversingLabs Leverages AI for Enhanced App Binary Security
ReversingLabs has introduced Spectra Assure, a binary analysis tool that uses ML algorithms to detect risks + vulns in app binaries.
“It analyzes the entire software package, including first, second, and third-party components for threat detection. Spectra Assure is the only solution capable of handling large and complex software packages that are gigabytes in size, deconstructing and reporting on issues in as little as minutes or hours.” - ReversingLabs
Source: ReversingLabs
Apple Introduces PQ3: A Quantum-Resilient Security Protocol for iMessage
Apple announced the launch of PQ3, a post-quantum cryptographic protocol for iMessage, aimed at protecting against quantum computing threats.
Source: MacRumors
Tradecraft🤺
LLMs Weaponized
Researchers from the University of Illinois Urbana-Champaign have demonstrated that LLMs, like OpenAI's GPT-4, can autonomously find and exploit vulnerabilities in websites.
They used a combination of OpenAI's API, LangChain, and the Playwright testing framework to simulate attacks in a controlled environment. GPT-4 showed a notable ability to adapt its approach based on website responses, successfully exploiting vulnerabilities with significant efficiency and low cost compared to human penetration testers.
Source: PacketStormSecurity
Extras
Bye For Now!
See you next week! 🚀
Thanks for the roundup... the ability of LLMs to autonomously hack websites is going to be a game-changer I think!