TCP #50: AWS re:Inforce, Splunk .conf24, and more product news!
Security Product News | June 10th - June 17th, 2024
Welcome to Issue 50 of The Cybersecurity Pulse! I'm Darwin Salazar, Product Manager at Monad and a former Detection Engineer. Each week, I distill the latest and most exciting developments in cybersecurity innovation into digestible, bite-sized updates. If you’re serious about staying at the forefront of the latest in security products and industry news, make sure to hit the “Subscribe” button below to get my insights delivered straight to your inbox every week 📩 🚀
Today marks the 50th issue of TCP and we’ve also recently cracked through 3K subscribers at a rate of ~6 new subscribers per day. It’s not much but it’s honest work haha. Anyways, I hope that my insights and weekly digest on security products have been helpful to you in some form or fashion and I’m excited for the next 450 issues of TCP 🎉
That said, this past week was jam-packed with announcements from Splunk’s annual conference, .conf24, and from AWS re:Inforce so without further ado, let’s jump into a…
Fun fact! → The Microsoft logo in this week’s header was their first logo and was in use from 1975 to 1979 🆒
Now, we can jump into product announcements!
Product News 📰
AI Security
Aim Security raises $18m Series A
Israel-based GenAI security startup Aim Security has raised $18m in Series A funding just 6 months after raising a $10m seed.
While some may be scratching their heads at the quick follow-up round, I think it makes complete sense given the extremely competitive nature of the GenAI security landscape at the moment.
The money will probably go towards R&D and continuing to find product-market fit (PMF). Both of which are extremely expensive, especially in the GenAI era.
Source: Aim Security
Application Security
Backslash product gets slew of updates
Updates include:
Reachability analysis including identifying transitive vulns
Support for GitHub Enterprise Server+On-prem
Language support for C, C++, Ruby, Rust and Scala
Integrations w/ GitLab Pipelines, GitHub Actions, and Azure Pipelines
Source: DarkReading
Checkmarx launches two new products
Checkmarx launches their ASPM offering and a “Cloud Insights” product. Both leverage an organization’s existing AppSec + SDLC tech stack to provide more contextualized findings and security recommendations.
The Cloud Insights product leverages integrations with Sysdig, Wiz, and AWS.
Source: SiliconAngle
Cloud Security
AWS re:Inforce was last week which means we have tons of updates on the cloud security front. While some of these could also fall under other categories, such as IAM, I’ll list them all here for simplicity’s sake:
Introducing Amazon GuardDuty Malware Protection for Amazon S3 - AWS Security Blog
Pretty cool feature that requires uploaded data from untrusted entities to be scanned for malware + enables object tagging to aid downstream workflows and handling of malicious objects.
IAM Access Analyzer Update: Extending custom policy checks & guided revocation - AWS Security Blog
AWS adds passkey multi-factor authentication (MFA) for root and IAM users - AWS Security Blog
Simplify risk and compliance assessments with the new common control library in AWS Audit Manager - AWS Security Blog
Centrally manage member account root email addresses across your AWS Organization - AWS Security Blog
Rest of Cloud Security product news ⬇️
Wiz adds custom runtime rules and response policies capabilities - Wiz
Google Cloud launches GKE Compliance to help streamline compliance w/ industry standards - Google Cloud
Data Security
Pyte has raised $5m to boost secure computing
Pyte seems to be an emerging player in the data security space and they’re tackling a problem that’s top of mind for many CISOs, CTOs, and CIOs: training AI/ML models on sensitive data while ensuring security and privacy 🆒
Pyte’s proprietary Secure Multiparty Computation (SMPC) technology makes it easy to run AI or ML computations on encrypted data, without the need to move or decrypt the data. - Eduard Kovacs, SecurityWeek
Source: SecurityWeek
Email Security
Microsoft announces updates to Outlook personal tier
Microsoft will be phasing out basic authentication for personal Outlook accounts beginning on September 16, 2024. Users will need to move away from email/password auth to token-based MFA. Kudos to MSFT for this 👏🏽
Microsoft will also be deprecating some services and has some less important end-of-life (EoL) announcements.
Source: Bleeping Computer
Governance, Risk, and Compliance (GRC)
Prevalent gives TPRM an AI boost
Prevalent, a third-party risk management (TPRM) vendor, has added a few AI enhancements to its core product. The updates enable it to gather insights on suppliers’ risk scores and to integrate with spreadsheets, which is where most GRC work gets done. IYKYK.
Source: HelpNet Security
Identity and Access Management (IAM)
SailPoint introduces AI-powered application onboarding capability
SailPoint is now leveraging AI to help onboard new apps and users to its solution. Capabilities include GenAI-generated recommendations and best practices for hardening IAM on a given app + ‘AI-powered’ app discovery.
Source: HelpNet Security
SaaS Security
Netskope extends security and data protection for Google Workspace users - HelpNet Security
Security Operations
Splunk .conf24 Highlights
Another big conference that took place last week was Splunk’s .conf24. This one was intriguing in that it’s their first annual conference since Splunk joined Cisco. While Splunk’s observability and IT product portfolios got a slew of updates, we’ll only focus on their security stuff.
Below are the key security product updates from the conference:
AI assistant to help optimize SPL queries + use natural language to derive SPL queries.
The impact of this is pretty significant. I can’t tell you the amount of time that is spent fine-tuning a detection to filter out noise or performing investigations. This should help cut that by about 50% or more.
Splunk Enterprise Security v8.0
More unified experience between Splunk ES and Splunk SOAR for a better workflow-building experience
Federated Analytics
Cisco Talos threat intelligence integration with Splunk security products
Side note: Most of the product updates won’t be generally available until August/Sept. 2024.
For a full play-by-play breakdown of the conference, check out ITPro.com
Source: Splunk + HelpNet Security
Rest of Security Operations product news ⬇️
NetSPI acquires Hubble to address asset and exposure management challenges - HelpNet Security
YetiHunter: Open-source threat hunting tool for Snowflake environments - Permiso Security
Acronis XDR enhances EDR with comprehensive cybersecurity for MSPs - HelpNet Security
Extras🎬
4 Ways to Help a Security Culture Thrive - Dark Reading
Mapping Snowflake’s Access Landscape - SpecterOps
Microsoft Incident Response tips for managing a mass password reset - Microsoft
Meta Pauses European GenAI Development Over Privacy Concerns - InfoSecurity Magazine
Ep. 365 of Enterprise Security Weekly with myself and others!! 🔥
Bye For Now!
That’s all for this week. See you next week! 🚀