Welcome to Issue 46 of the Cybersecurity Innovation Pulse! I'm Darwin Salazar, Product Manager at Monad and a former Detection Engineer. Each week, I distill the latest and most exciting developments in cybersecurity innovation into digestible, bite-sized updates. If you’re serious about staying at the forefront of the latest in security products and industry news, make sure to hit the “Subscribe” button below to get my insights delivered straight to your inbox every week 📩 🚀
Most product and marketing teams are just now recovering from RSA, so this past week wasn’t a very busy one. However, we did get some long-anticipated consolidation in the SIEM space and some pretty cool new features.
Before we jump into things, a quick note that we’ll now be shipping every week on Tuesdays instead of Thursdays. This just works better for my overall schedule and will allow me to be more consistent with shipping every week! 🚢
Now, let’s jump into this past week’s action!
Finally. SIEM Consolidation.
Wednesday, May 15th, 2024 will go down in the SIEM history books. LogRhythm and Exabeam announced that they will be merging while Palo Alto Networks (PANW) and IBM announced a “partnership” that includes the acquisition of IBM’s QRadar SaaS platform.
There’s tons to unpack here and many have already done a great job of dissecting what this means for customers and the future of security operations so I’ll spare you what’s already been covered. The three things that I’ll highlight are:
The highlights of the PANW x IBM partnership are that PANW will be migrating QRadar SaaS customers to XSIAM *and* that the partnership includes training for over 1K IBM consultants to deploy PANW solutions. PANW already has the strongest channel partnerships in the game with Deloitte and Accenture. Adding 1K+ to their army of implementers is a force multiplier regardless of which way you slice it.
The Exabeam and LogRhythm merger hints that they’ve somewhat accepted their fate and understand that the next wave of SecOps platforms would probably put them out of business if they didn’t do something drastic. Innovate or die season is here.
The security industry is ripe for consolidation: SIEMs, ASPMs, CNAPPs, identity, AI security, etc. These product categories each have 10+ vendors in the space offering very similar capabilities and clawing for market share. Aside from the 2-3 leaders in each category, the other players have very few options or pathways to success. M&A is the best option, imo.
That said, the team at Forrester has put out some great analysis worth reading for a deeper dive on this activity and what it may mean for the future of SecOps tooling:
At the end of the day, with the recent M&A, security programs “un-splunking”, and emerging players, the SIEM space is ripe for disruption.
Product
Application Security
Cycode launches integration marketplace
Software supply chain security has a wide-ranging scope with many touchpoints throughout the SDLC. For an ASPM solution to truly be effective and provide security coverage end-to-end, it must play nice with a security program’s existing tooling, especially on the CI/CD pipeline front.
Kudos to Cycode for launching their integration marketplace which has 100+ integrations. Anyone know if there are other ASPMs with deep integration marketplaces like this? Lmk in the comments if you know of any!
Source: SiliconAngle
Cloud Security
Resourcely introduces Really
Something as critical as enforcing security guardrails at the IaC template level should be easy and as dummy-proof as possible. Rego is an option for this; however, if you’ve spent much time writing Rego, you’ve probably wanted to toss your laptop off a bridge and start a new career.
Writing performant, clean Rego code is a pain in the ass and is not the policy language of the security world. The folks at Resourcely understand this and the importance of enforcing guardrails to prevent cloud misconfigurations, so they created “Really”, a simple policy language that enables teams to deploy easy-to-read cloud resource policies.
Policies previously expressed in Rego with 20+ lines of code can now be written in 5 simple lines of code. I wish this had existed 2 years ago lol. Kudos to the Resourcely team on shipping a truly great feature 🎉
Source: Resourcely
Wiz introduces automated blast radius and root cause analysis for cloud incident response
Super cool. Our industry places too much focus on the left of an incident/attack and not enough on the right side of it. Not enough ppl with skillsets spanning the right side so anything to streamline DFIR is a big W.
And don’t quote me on this, but these seem like capabilities they inherited through their acquisition of Gem Security. If so, kudos to the involved product teams for the quick turnaround + implementation!
Source: Wiz
Data Security
Zscaler launches new data protection features
New additions to their Data Protection Platform include:
Data Security Posture Management (DSPM)
Email DLP
Auto Data Discovery
Source: SiliconAngle
Identity and Access Management (IAM)
ConductorOne Introduces Access Conflicts
Manually enforcing separation of duties across the enterprise is impossible. The rise of multi-cloud, SaaS sprawl, and 3rd party risk does not make it any easier. The team at ConductorOne has released a feature for their Identity Governance and Administration (IGA) solution to help streamline this process in a simple fashion.
Kudos to the C1 team! 🎉
Source: ConductorOne
Security Operations
Extras🎬
CISOs and Their Companies Struggle to Comply With SEC Disclosure Rules
The GenAI D&R Revolution Begins
Palo Alto Networks and Accenture help organizations accelerate AI adoption
Bye For Now!
See you next week! 🚀