TCP #53: Wiz Readying for IPO? and Product News
Security Product News | July 8th - July 16th, 2024
Welcome to Issue 53 of the The Cybersecurity Pulse! I'm Darwin Salazar, Product Manager at Monad and a former Detection Engineer. Each week, I distill the latest and most exciting developments in cybersecurity innovation into digestible, bite-sized updates. If you’re serious about staying at the forefront of the latest in security products and industry news make sure to hit the “Subscribe” button below to get my insights delivered straight to your inbox every week 📩 🚀
As I'm sure you've heard by now, there are rumors swirling that Google is planning to acquire Wiz for ~$23B. This would be great news for cloud security vendors considering that Wiz has been eating up tons of market share ever since they busted on the scene.
However, I don't think that the acquisition makes much sense and while I don't like to speculate, I don’t believe that the deal will happen. I think we'll see Wiz continue it's acquisition spree and will IPO in the next 2-3 years. Wiz was last valued at $10B and the rumors of a sale at $23B will certainly help Wiz justify a much higher valuation regardless of what they do next.
Anyways, lots to discuss on the security product front. The Data Security and SecOps spaces are still scorching hot while AI security has cooled. Let’s get into things 👀
Product News 📰
Application Security
OpenText launches ‘Fortify Aviator’
OpenText launches 'Fortify Aviator' which is an AI-powered Static Application Security Testing (SAST) solution aimed at more accurately identifying true vulnerabilities.
Pretty interesting name for a SAST tool….
Source: SiliconANGLE
Data Security
Normalyze extends DSPM coverage to Snowflake
Normalyze, which is built on Snowflake, has extended its DSPM coverage to Snowflake. Features include automated data discovery and classification, access management and risk monitoring. The module also leverages Snowflake Horizon's native security and compliance capabilities.
Source: Normalyze
Rest of Data Security product news ⬇️
Druva adds threat hunting and managed data detection and response capabilities
Quantum Xchange CipherInsights product updates to aid in migration to post-quantum safe cryptography
Identity Security
Okta ISPM and Highly Regulated Identity products now in GA
Just this past Monday, Okta launched their Identity Security Posture Management (ISPM) product in GA in North America. Okta also launched "Highly Regulated Identity" tailored toward identities in highly regulated environments with stronger authentication requirements and some magical integrations with their risk engine.
Okta also launched Identity Threat Protection with Okta AI in early access mode.
Source: SiliconANGLE
Offensive Security
XBOW comes out of stealth w/ $20M for autonomous web app pen testing
Let's talk about XBOW. XBOW is founded by a team of former Github engineers including Nico Waisman, former CISO @ Lyft and Oege de Moor who previously founded Semmle which was sold to Github.
XBOW is an autonomous web application testing tool that passes 75% of web security benchmarks (🔥). XBOW has been tested against 543 PortSwigger and Pentester Lab exercises and 104 novel benchmarks showcasing its ability to identify and exploit known vulnerabilities but, also novel ones. You can read more about their testing methodology here.
Love this use case of AI. I can see XBOW becoming a web app pen tester’s or red team’s favorite tool for web app testing.
XBOW recently raised a $20M and officially came out of stealth this past Monday, July 15th, 2024.
Source: SecurityWeek
Security Operations
Tracebit raises $5M seed for threat deception in the cloud
Tracebit, a London-based startup, recently raised $5M in seed funding in a round led by Accel. Tracebit creates honeypot assets (aka canaries) across a cloud environment to deceive and lure in malicious actors in the environment. The canaries can be deployed via IaC and Tracebit has been trained to provide recommendations on optimal canary placement to best catch attackers in their tracks.
Source: SecurityWeek
Rest of Security Operations product news ⬇️
AttackIQ Mission Control simplifies security testing for distributed teams
Cytactic Snags $16M Seed Funding for Cyber Crisis Management Technology
Pentera updates RansomwareReady to secure Linux environments
Extras🎬
Marty Roesch: Scaling Sourcefire and creating a new way to monetize open source security software - Inside The Network Podcast
Cybersecurity in The White House – with Camille Stewart Gloster
CISA broke into a US federal agency, and no one noticed for a full 5 months
Security operations market trends reflect a push for unified cybersecurity solutions
Bye For Now!
That’s all for this week. Nos vemos la próxima semana! 🚀