TCP #52: Mainframe Security, Data Lineage, and More Product News!
Security Product News | June 24th - July 8th, 2024
Welcome to Issue 52 of The Cybersecurity Pulse! I'm Darwin Salazar, Product Manager at Monad and a former Detection Engineer. Each week, I distill the latest and most exciting developments in cybersecurity innovation into digestible, bite-sized updates. If you’re serious about staying at the forefront of the latest in security products and industry news, make sure to hit the “Subscribe” button below to get my insights delivered straight to your inbox every week 📩 🚀
We’re back with another issue of TCP after taking the holiday week off! If you’re in the US, I hope you enjoyed some downtime with your loved ones! If you’re not in the US, you should come visit some time 😎
Anyhow, with Hacker Summer Camp (Blackhat, DEF CON, BSidesLV, and Diana Initiative) just a month away, expect things to heat up with product launches, M&A activity, startups coming out of stealth and funding events. One of the best times of the year for our industry. If you plan on being there and would like to grab a coffee or get a workout in, hit me up!
Before jumping into product news, I wanted to highlight a few things. First, I recently wrote a guest post for my friends at Reco on why non-critical SaaS apps pose outsized risks and how attackers target such apps. During the process, I learned that there’s been an increase in dedicated SaaS security teams within orgs, which makes TONS of sense. SaaS security is paramount and not just for your core apps like Okta and Salesforce, but also for things like your project management and architecture diagramming tools. Check the post out here!
Also, Datadog recently held their annual user conference, DASH, unveiling a slew of new products and capabilities across their observability and security portfolio. Datadog security products continue to gain momentum and it’s exciting to see. I cover most of the updates throughout the newsletter in their respective categories. Shoutout to my former teammates on the security research, detection engineering, and product teams!
Lastly, this year’s BSidesSF talks are live! Tons of goodies on AI security, using AI for security, data security, GRC, identity security and detection engineering. I know what I’ll be binging this weekend 🍿
Now, let’s talk product 🎬
Product News 📰
AI Security
eSentire adds MDR coverage for GenAI
eSentire, a leader in the Managed Detection & Response (MDR) space, has released their GenAI security offering. Capabilities include:
Visibility into GenAI usage across the organization
Detections for risky user/app interactions
Policy enforcement
Threat intel feed
Source: HelpNet Security
Application Security
Orca adds coverage for GitLab and GitHub
Orca adds misconfiguration checks and additional security controls for GitHub and GitLab. They’re dubbing this new offering “Source Code Management Posture Management (SCM-PM)” and they’re adding it under their cloud security platform.
This is a no-brainer and maybe a year late given the “code-to-cloud” movement and the fact that there’s been a sharp increase in attackers using SCM tools to deliver malware. Better late than never though!
Source: Orca Security
Datadog releases Interactive App Security Testing (IAST) solution
Datadog released its ‘Code Security’ solution which has interactive testing capabilities to identify vulnerabilities at runtime and provide remediation recommendations. If I had to guess, this offering will be a module within their Application Security Management (ASM) product.
Source: Datadog
Cloud Security
Datadog DASH Cloud Security Updates
Agentless vulnerability scanning for
Streamlined, one-click infrastructure-as-code (IaC) remediation
CIEM support for Azure and Google Cloud
Vulnerability scanning for Windows hosts
Added threat detection coverage for AWS Fargate ECS and EKS
Source: Datadog
Orca integrates GPT-4o for multilingual cloud asset search
By integrating OpenAI’s GPT-4o model, Orca users can now perform cloud asset searches in natural language across more than 50 languages. Think about the potential revenue this sort of GenAI implementation can unlock. Pretty cool!
Source: SiliconANGLE
CrowdStrike Falcon Cloud Security support for Google Cloud Run is now GA
Self-explanatory ¯\_(ツ)_/¯
Source: CrowdStrike
Data Security
AWS adds end-to-end data lineage to DataZone
While Amazon DataZone is not technically a security product, I still wanted to highlight it because being able to track and visualize data lineage can be such a big boost to any data security or data infrastructure product.
Having visibility on where the data originated, where it has traveled to, where copies of the data exist, how the data has changed over time, and who has accessed it is the ultimate capability to have when securing sensitive data.
Think about this from the context of securing PHI, PII, or data that is supporting AI model development. It’s crazy to think that even top data security solutions don’t have this capability, and it’s why I wanted to highlight it even though DataZone is not technically a security product.
Source: AWS
1touch.io launches Mainframe SPM
It’s no secret that mainframes are still in use across many of our important industries including banking, transportation, and healthcare. However, what does come as a surprise is that they are in use by 71% of the Fortune 500, according to 1touch.io.
This creates a massive business opportunity and user need which has largely been unmet as everyone is so focused on cloud and AI security these days. This is why 1touch.io has launched a Mainframe Security Posture Management (MSPM) product which starts out by focusing on data discovery and classification powered by AI.
Idk if it’s because of my age or because I thought mainframes were being sunsetted, but I found this news to be pretty cool.
Source: DarkReading
Rest of Data Security product news ⬇️
Identity Security
AuthZed raises $12m Series A
AuthZed, an authorization startup built by the creators of SpiceDB, has raised $12m in funding in a round led by General Catalyst.
I haven’t been covering non-seed funding as of late but this one caught my eye because 1. identity security is hot and 2. the prospect of being able to conduct authZ “anything, anywhere” is great.
Source: AuthZed
IoT Security
SandboxAQ launches GPS system enabled by AI and Quantum to thwart attacks
I’ve long been a fan of SandboxAQ and all of the work they do to secure AI and quantum. Recently, they released a GPS system that does some wizardry to prevent GPS jamming attacks.
The new system, called AQNav, combines advanced quantum sensors and artificial intelligence algorithms along with a map of the Earth’s magnetic field to provide an unjammable, all-weather, real-time navigation solution that can work even when GPS is unavailable or spoofed. - SiliconAngle
Pretty wild, no? 🤯
Source: SiliconAngle
Security Operations
Scythe launches v4.3 of their threat emulation platform
Updates include:
Attack flow designer: A visual interface to interactively develop threat campaigns
EDR and SIEM integrations: Including CrowdStrike, SentinelOne, Splunk, Sentinel, Elastic
Updated assessment module: Automated data capture and more detailed recommendations
Source: HelpNet Security
Rest of Security Operations product news ⬇️
Rapid7 acquires rival Noetic Cyber to help enterprises fix vulnerabilities faster
WatchGuard introduces NDR improvements and compliance reporting
Web Security
Cloudflare launches feature to block AI bots from scraping websites
¯\_(ツ)_/¯
Source: Cloudflare
Extras🎬
A CISO's Guide to Avoiding Jail After a Breach - DarkReading
Security Market Sees Surge with 13.38% CAGR through 2031 - Sky Quest
How adversarial AI is creating shallow trust in deepfake world - Venture Beat
Vulnerability management empowered by AI - Security Intelligence
Cybersecurity technology adoption cycle and its implications for startups and security teams -
SIEM Crossroads: Rethinking Security with AI and Beyond - TechBullion
Bye For Now!
That’s all for this week. See you next week! 🚀