TCP #48: But Can Your Product Predict Attacks?
Security Product News | May 28th - June 3rd, 2024
Welcome to Issue 48 of the Cybersecurity Innovation Pulse! I'm Darwin Salazar, Product Manager at Monad and a former Detection Engineer. Each week, I distill the latest and most exciting developments in cybersecurity innovation into digestible, bite-sized updates. If you’re serious about staying at the forefront of the latest in security products and industry news make sure to hit the “Subscribe” button below to get my insights delivered straight to your inbox every week 📩 🚀
What’s up! Welcome to a night-time edition of TCP. This week’s issue is packed with AI security product updates and a fair mix of IAM + Zero-Trust product announcements.
With the recent Santander and TicketMaster news, Zero-Trust has been in the spotlight and in my opinion, is an approach that should continue to get more traction. Seems like if the victims had MFA enabled, there would be no breach. The details are murky around these breaches with lots of back and forth so I won’t dive into it. However, Jack Naglieri from
has a great write-up on the latest developments in this drama, which I highly recommend checking out.Also in the SecOps section, you’ll find a vendor that’s making bold claims about predicting attacks and preemptively blocking them before they happen AND they’re backing it with a 10x money back guarantee… Pretty wild, imo 🤯
That said, let’s jump into last week’s product news!
Product News 📰
AI Security
TrueCaller AI Phone Scanner
You remember how several months ago there were those viral tiktoks and articles on voice clone scams tricking unsuspecting victims into sending money to scammers who used AI-generated voice clones to impersonate their loved ones? Pretty scary stuff that led me to create a secret word within my family that we could all use if we ever wanted to verify our identity over phone or text.
Recently, TrueCaller released a feature called ‘AI Call Scanner’ which can detect most AI-synthesized voices. With deepfake and voice cloning technology becoming more accurate and getting in hand in the hands of criminals, security teams need to consider how they can prevent these types of social engineering attacks from impacting their VIPs (e.g., c-suite) and organizations at large.
This is a growing threat which is why Reality Defender won the RSAC Innovation Sandbox last month and why we will continue seeing more investments in the space.
Source: HelpNet Security
Rest of AI Security product news ⬇️
Immuta releases new multilayer data security architecture for RAG-based AI solutions 🆒 - SiliconAngle
Zendata raises $2M to redefine AI governance and data privacy with no-code platform - VentureBeat
NIST unveils ARIA to evaluate and verify AI capabilities, impacts - Help Net Security
Wiz AI-SPM model scanning: Securely innovate with AI community models - Wiz
Aporia introduces real-time guardrails for multimodal AI applications - SiliconAngle
Application Security
Data Security
Identity and Access Management (IAM)
Fido Alliance introduces Face Verification Certification for remote biometrics - Finextra
Dashlane unveils ‘Nudges’ feature to reduce the risk of credential theft - HelpNet Security
Adaptive Shield adds ‘Permission Inventory’ feature to streamline IAM for SaaS apps - HelpNet Security
Security Operations
BforeAI releases breach protection guarantee
BforeAI is a startup that’s focused on preemptively stopping attacks before they even start by predicting them. Something straight out of the Minority Report movie. Sounds like a wild claim at first but they’re touting a 0.05% false positive rate which is pretty impressive and they’re no backing it with a money back guarantee.
PreCrime Guarantee reimburses customers up to ten times the value of their service contract if impacted by a cyberattack due to a failure by BforeAI's predictive solution… BforeAI underwent a stringent, nine-month process in which the insurance partner validated the effectiveness of the artificial intelligence platform against BforeAI's go-to-market claims. - DarkReading
I’m not sure how practical the product is nor do I personally know any of their customers and I’m sure there’s lots of red tape in fine print but to come out and boldly state that your product can predict attacks and then back it with a 10x money back guarantee is pretty ballsy.
Source: DarkReading
Zero Trust Security
Prosimo and Palo Alto Networks collaborate to bring zero trust to multicloud environments - SiliconAngle
Cloudflare Expands Zero Trust Capabilities with Acquisition of BastionZero - SecurityWeek
Lacework extends platform capabilities with security service edge product for zero-trust connectivity - SiliconAngle
Extras🎬
9 Tips to Avoid Burnout in Cybersecurity - DarkReading
An interview with the most prolific jailbreaker of ChatGPT and other leading LLMs - VentureBeat
How to Build Your Autonomous SOC Strategy - The Hacker News
Evolving Security Operations With AI - Forbes
Bye For Now!
I hope you’re all doing well and enjoying the start of your summer. With it being an election year and so much going on in the news and across the globe, remember the importance of tuning out, expressing gratitude for all you have and being present with your loved ones. Cheers, y’all.
Nos vemos la próxima semana! 🚀