TCP #54: Cyberstarts Seeds Linx, CRWD x MSFT Kerfuffle and Product News
Security Product News | July 16th - July 23rd, 2024
Welcome to Issue 54 of The Cybersecurity Pulse! I'm Darwin Salazar, Product Manager at Monad and a former Detection Engineer. Each week, I distill the latest and most exciting developments in cybersecurity innovation into digestible, bite-sized updates. If you’re serious about staying at the forefront of the latest in security products and industry news, make sure to hit the “Subscribe” button below to get my insights delivered straight to your inbox every week 📩 🚀
What’s up y’all! Wild week for our industry and for the world at large. Our industry is probably in the spotlight now more than ever due to Wiz, Crowdstrike, and Microsoft headlines. A Cyberstarts backed startup emerges with $33M in funding. Resourcely goes GA 🙌🏼 and tons more product news.
I can feel the temperature rising as half the cybersecurity world readies to descend upon Las Vegas for Hacker Summer Camp! ♨️
Now onto some news that is currently shaking up the security product landscape.
WIZ Declines $23B Offer, IPO In Sight
As reported by CNBC, Assaf Rappaport, Wiz co-founder, wrote an email to the entire company stating that they will be walking away from GOOGL’s $23 billion acquisition offer. Instead, the company will continue on its current path towards IPO and the milestone of $1B in annual recurring revenue (ARR).
This is exactly what I had predicted in last week’s newsletter and Enterprise Security Weekly ep. The deal simply did not make sense from either side as Google would be put in a unique position from a go-to-market (GTM) standpoint while Wiz is on the trajectory to be way more valuable than $23B over the next 5 years. Let’s remember that Wiz was founded ~4 years ago and has a valuation of over $10B as of their last raise in May ‘24.
Wiz will continue its warpath by taking market share from incumbents, entering adjacent product categories, having a world-class GTM strategy, and by continuing with their M&A strategy. With the recent lapses by Palo Alto Networks (PANW) and Crowdstrike (CRWD), Wiz is in a very good position to go full throttle.
The simple fact that Google offered $23 BILLION for Wiz and Wiz walked away will justify a much higher valuation for Wiz moving forward.
Wiz leadership + advisors are playing chess, not checkers.
CrowdStrike x Microsoft Kerfuffle 🤺
I’m sure hearing these two names in the same sentence probably nauseates (spelled this right on my first attempt 😳) you by now so I won’t dive in too much. However, it’s still worth covering cause it does shake up the security product market. Also, while other airlines have gotten back up and running, Delta Airlines has not, which would imply many entities are also suffering the same fate.
Wild to believe that it was a null pointer exception error that led to 8.5 million Windows devices being BSOD’d. CrowdStrike has been shipping agents for 10+ years. A CSRB review is 10,000% required here, imo.
Here’s a good dev-centric breakdown of the logic error which led to the outage: https://x.com/Perpetualmaniac/status/1814376668095754753
On the bright side, many entities were able to test their disaster recovery plans and see what it’s like to experience ransomware without the full implications of it.
Are we really surprised that attackers are seeing this as an opportunity to prey on victims?
At the end of the day, the entire tech industry is better off because of this. However, CrowdStrike will have to fight tooth and nail to keep customers from churning, yet I’m sure many of them already made their minds up on Friday morning.
All that said, it’s time for this week’s product news!
Product News 📰
AI Security
Forcepoint launches GenAI security offering
Forcepoint, a long-time player in the data security space, has launched a GenAI security solution that integrates with and leverages the capabilities from their DSPM, web security and Security Service Edge (SSE) offerings to secure the build and use of GenAI apps.
Source: HelpNet Security
Application Security
Heeler Security raises $8.5M Seed Round
Heeler Security, a newer player in the AppSec space, has raised an $8.5M seed in a round led by Norwest Venture Partners. Their core product is called 'ProductDNA' and it aims to unify the code, behavior, and context of applications to secure the SDLC and runtime of applications.
Source: SiliconANGLE
Cloud Security
Resourcely announces general availability 🎉
Today, much of the world ships cloud infrastructure via Infrastructure-as-Code (IaC) templates for speed, scalability and efficiency purposes. However, these same traits of IaC can backfire if the templates are not built securely from scratch. Deploying resources from insecure IaC templates can propagate many of the cloud misconfigurations which we see leading to data breaches today, e.g., the dreaded publicly exposed S3 bucket, which has led to some of the most infamous breaches of recent times. There are many more such instances where cloud misconfigs have led to serious sensitive data exposure. On the surface, it’s a simple problem to tackle, but with so many cloud services, lack of secure config knowledge, etc., it’s not that easy of a problem to solve at scale.
The talented team at Resourcely has been heads down over the past 2.5 years building out a solution to tackle this challenge. They’ve built what I see as a CSPM on steroids injected in developer workflows. On steroids because it actually has policy enforcement to prevent misconfigged deployments and secure templates to provide a more hand-holding type of experience to deploying cloud infrastructure.
Their product is based on two core concepts:
Blueprints - Secure templates which can be reused by anyone shipping infrastructure.
Guardrails - Secure config policies at the config + deployment stages to help prevent insecure deployments.
The product has tons of cool features including its own easy-to-read policy language and a neat UI. Check out the official release blog post here for all the deets. Kudos to Travis and the Resourcely team on the launch! 🚀
DataDog launches v2 of Essential Cloud Security Controls (ECSC) ruleset 💥
One of the most common friction points in the security product experience is in the onboarding. Onboarding a new CSPM, vulnerability management or any scanning-based tool for that matter typically leaves security teams flooded with hundreds of thousands of findings (depending on scale) with thousands of them being critical and high severity.
So how do you know what to prioritize and remediate? How do you balance this with all the other important security work your team already has going on? It’s a seemingly impossible task and most products don’t make it any easier.
This is why I led the charge to launch the ECSC Ruleset while I was at DataDog. Following the 80/20 Pareto Principle, there is a core set of cloud misconfigs that can (and have) really burn a company if left unaddressed and that should be remediated ASAP for production assets. The ECSC Ruleset is comprised of such CSPM rules to help ease the thrash of onboarding the solution in new environments and to help teams focus on the risks that matter most.
Pretty cool to see that ECSC is one of the most utilized frameworks in DDOG’s Cloud Security Management product!
V1 of the ECSC ruleset can be found here.
V2 of the ECSC ruleset can be found here.
Kudos to Ryan, Nick, and the rest of the team on revamping this + adding K8s support!
Identity Security
Linx emerges w/ $33M in funding led by Cyberstarts
A new IAM security player, Linx Security, has emerged with 20+ employees and $33M in funding through Series A in rounds led by Cyberstarts and Index Ventures.
At a high level, based on their marketing copy and blog posts, I would describe the Linx product as an identity security fabric. They hook into your existing IAM stack (e.g., Okta, Microsoft Entra, Ping) to extract and cross-pollinate the data from those tools to surface the riskiest findings.
One of the key value props here is that many hidden risks are uncovered when you link otherwise disparate systems together and get a bird’s-eye view of an enterprise’s identity landscape.
This is also true for any other security domain. I wrote about this shift in security products after ZScaler (ZS) acquired Avalor for $350M. Properly built data fabrics geared toward a specific use case are a great answer to alert fatigue and lack of prioritization. Two things most products have failed to solve for ever since cybersecurity became a thing.
A notable mention in this space is AKA Identity which seems to be building a similar solution.
Keep your eyes on this space! 👀
Source: Linx Security
ConductorOne streamlines help desk workflows w/ new features
ConductorOne (C1), a leader in Identity Governance and Administration (IGA), recently launched two new features to help bring more IAM to help desk workflows. Users can now request access through C1 and C1 will generate a ticket in their help desk system to track the request.
C1 has also added a help desk automation feature by which users can request access through their existing help desk system and C1’s AI copilot handles the approvals and access provisioning in the background.
For medium to large enterprises where IT and help desk teams handle the majority of access requests and provisioning, these 2 additions help make life much easier. Kudos to Alex Bovee and the C1 team! 🔨
Source: ConductorOne
Security Operations (SecOps)
BlackBerry launches CylanceMDR
BlackBerry has launched a managed detection & response (MDR) solution built atop Open XDR and Cylance AI.
Source: BlackBerry
Rest of SecOps product news ⬇️
Extras🎬
Every successful security platform started as a point solution -
CISA Publishes Resiliency Playbook for Critical Infrastructure
Protect AI warns of increasing security risks in open-source AI and ML tools
Container Breakouts: Escape Techniques in Cloud Environments
Bye For Now!
That’s all for this week. See you next week! 🚀