TCP 51: Slow Week for Product Innovation Which Means...
Security Product News | June 17th - June 24th, 2024
Welcome to Issue 51 of The Cybersecurity Pulse! I'm Darwin Salazar, Product Manager at Monad and a former Detection Engineer. Each week, I distill the latest and most exciting developments in cybersecurity innovation into digestible, bite-sized updates. If you’re serious about staying at the forefront of the latest in security products and industry news, make sure to hit the “Subscribe” button below to get my insights delivered straight to your inbox every week 📩 🚀
This past week was pretty light on product innovation, which can only mean a couple of things: 1) Summer is officially here and 2) Product + Marketing teams are heads down preparing for BlackHat, which is in about 6 weeks.
That said, there were still some great updates worth covering on the AppSec, DataSec, and SecOps fronts, as well as a few great articles linked in the ‘Extras’ section.
Before we jump into that though, I did want to bring your attention to Part III of my Data Engineering for Cybersecurity blog series which focuses on addressing data quality issues via data processing. It’s a deep dive on the inconsistencies across security data sources and all the trouble security teams go through to get their data in a workable state in order to perform core functions like writing detection rules.
It’s a huge reason why there’s recently been a heavy focus on security data ETL. Data quality issues lead to noise + blind spots, and data processing is a huge part of the solution. As you’ll see in the ‘Security Operations’ section of this issue, more and more products are addressing this problem, which is a huge win for our industry.
Quick side note, no TCP issue next week to commemorate U.S. Independence Day 🇺🇸 on July 4th. We will be back to regular programming on July 9th.
Now, let’s jump into this week’s issue!
Product News 📰
Application Security
Myrror Security introduces repository and organization grading
The team at Myrror Security recently launched a risk prioritization feature that assigns a grade to repos + organizations based on their overall security posture and criticality of the asset.
Prioritization is something all security products should double and triple down on so this is nice to see 👌🏽
Source: Myrror Security
Endpoint Security
NinjaOne adds MDM offering
NinjaOne, an endpoint management company, has added Mobile Device Management (MDM) coverage for Apple and Android devices. Given their already comprehensive platform capabilities + being the #1 endpoint mgmt. solution according to G2, this probably puts them near the top of the list for MDM solutions. Kudos to NinjaOne!
Source: NinjaOne
Data Security
Veritas launches Data Insight
Veritas recently launched a new feature that enables users to classify and protect unstructured data. The new capability also helps users identify and understand ‘dark data’ or data with unknown value #cool
Source: HelpNet Security
Rest of Data Security product news ⬇️
Next DLP launches “Secure Data Flow” to answer the 4 “Ws” of data - HelpNet Security
Post-Quantum Cryptography Firm PQShield Raises $37 Million - SecurityWeek
Metomic adds DLP for Google Workspace Groups - HelpNet Security
Security Operations
RunReveal launches Detection as Code (Beta)
Many things are done “as Code” today including Infrastructure as Code (IaC), Configuration as Code, Policy as Code, etc. While Detection as Code (DaC) has also gained steam in recent years, we haven’t seen mass adoption of it as we’ve seen with IaC.
Of course, Terraform is easier to write than Python or Go and the developer ecosystem is not as mature for DaC yet. However, it’d be nice to live in a world where DaC is widely adopted. The benefits of DaC compared to query-based detections in a SIEM include:
Better version control + change management for detection rules
Use of a CI/CD pipeline to deploy, tune, and test rules instead of doing it manually
Better for code reviews due to PRs
Ultimately, DaC is better for speed, efficiency, visibility, collaboration, and fine-tuning. It’s the future. Great to see that RunReveal has added such capabilities to their platform.
Source: RunReveal
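To make the benefits listed above concrete, here is an added example (not RunReveal's code or format) of a detection rule kept in a repository together with its own test cases, plus the gate a CI pipeline would run before deploying it. The event field names (`event_name`, `outcome`, `mfa_used`) and the rule ID are an assumed, constructed schema.

```python
from dataclasses import dataclass, field
from typing import Callable

@dataclass
class Detection:
    rule_id: str
    severity: str
    match: Callable[[dict], bool]
    tests: list = field(default_factory=list)  # (name, event, expected) tuples

def console_login_without_mfa(event: dict) -> bool:
    """Fire on a successful console login where MFA was not confirmed."""
    return (
        event.get("event_name") == "ConsoleLogin"
        and event.get("outcome") == "Success"
        # A missing or malformed field is treated as "no MFA", so a data
        # quality gap produces an alert instead of a blind spot.
        and event.get("mfa_used") is not True
    )

# Constructed sample events; they live next to the rule and are reviewed in the same PR.
RULE = Detection(
    rule_id="example.console_login_without_mfa",  # hypothetical rule ID
    severity="high",
    match=console_login_without_mfa,
    tests=[
        ("fires without MFA",
         {"event_name": "ConsoleLogin", "outcome": "Success", "mfa_used": False}, True),
        ("quiet with MFA",
         {"event_name": "ConsoleLogin", "outcome": "Success", "mfa_used": True}, False),
        ("quiet on failed login",
         {"event_name": "ConsoleLogin", "outcome": "Failure", "mfa_used": False}, False),
        ("fires when mfa field is missing",
         {"event_name": "ConsoleLogin", "outcome": "Success"}, True),
    ],
)

def run_tests(rule: Detection) -> list:
    """Return the names of test cases whose result differs from the expectation."""
    return [name for name, event, expected in rule.tests
            if rule.match(event) is not expected]

def ci_gate(rules: list) -> int:
    """Exit code for the pipeline step: 0 only if every rule passes its tests."""
    failed = {r.rule_id: run_tests(r) for r in rules}
    failed = {rid: names for rid, names in failed.items() if names}
    for rid, names in failed.items():
        print(f"FAIL {rid}: {', '.join(names)}")
    return 1 if failed else 0

if __name__ == "__main__":
    raise SystemExit(ci_gate([RULE]))
```

Tuning the rule then means changing the function and its test cases in one pull request, and the pipeline refuses to deploy a change that breaks an existing expectation.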
Abstract Security GA’s Data Streaming Platform
Abstract burst onto the scene earlier this year looking to change the way security programs do SecOps. Interestingly enough, they seem to compete directly with RunReveal and many ‘next-gen’ SIEMs. Anywho, they’ve recently GA’d their data pipelines, which have transformation + enrichment capabilities.
I’m a huge advocate for security teams adopting advanced data engineering tactics, so it’s great to see more startups productizing it! If I had a list of startups to watch for in the 2nd half of 2024, Abstract would be on it.
Source: DarkReading
Extras🎬
AI Weights: Securing the Heart and Soft Underbelly of Artificial Intelligence
Resilient Cyber Newsletter #2 - New Newsletter by
🐐Productivity vs security: How CIOs and CISOs can see eye to eye
7 Challenges in Scaling SOC Operations and How to Overcome Them
Most cybersecurity pros took time off due to mental health issues
Zscaler Zenith Live ‘24 touts breach predictions, zero trust and expanded partnership with Google
Bye For Now!
That’s all for this week. Nos vemos la próxima semana! 🚀