Welcome to Issue 56 of The Cybersecurity Pulse! I'm Darwin Salazar, Product Manager at Monad and a former Detection Engineer. Each week, I distill the latest and most exciting developments in cybersecurity innovation into digestible, bite-sized updates. If you’re serious about staying at the forefront of the latest in security products and industry news, make sure to hit the “Subscribe” button below to get my insights delivered straight to your inbox every week 📩 🚀
We’re coming off the heels of Hacker Summer Camp where I’d bet over 50% of attendees caught COVID, including myself 🤒. That said, I wouldn’t change a thing. It was a fairly productive week; I post more about it here. I also published my notes from the Innovators & Investors summit here, which may interest you if you’re building things in cyber.
Anyways, as I walked the BlackHat Expo Hall, I had a few observations:
There is heavy saturation in the ASPM, EASM, and IAM categories. I’m pretty sure I counted 15+ ASPM vendors.
Marketing teams should hang out with security people more in order to nail messaging down and differentiate from the pack in crowded segments.
Note: The vendor marketing climate has improved a ton to resonate with security practitioners, yet there are still some blunders like “patchless patching”.
There’s an explosion of vendors compared to the last time I attended in 2018. ZIRP + FOMO from investors has led to this, yet more attacks are happening today than ever before. This leaves more room for innovation + investment.
SOC tooling is changing and there are no clear winners yet. I like Anvilogic, Panther, and Elastic.
Startup City is where the real excitement and innovation is.
Now onto the picks of the week!
Picks of the Week🎯
This section was previously titled “Extras” and lived at the bottom of the newsletter. Based on feedback and in the spirit of highlighting how we can build better security products and companies, I’ll be keeping it up top v. in the basement.
The best hacks and security research from Black Hat and DEF CON 2024
Side note: The title is incorrect. Duo Security was also a product-led growth (PLG) startup that achieved a multi-billion dollar exit. Read more about PLG in security here.
Azure outages should spark new urgency for a multi-cloud approach 🌶️
Azure has the most outages and critical security flaws out of the big 3 cloud providers. I don’t have hard data on this but I would assume this has driven many CIOs and CISOs to move critical workloads to other providers.
Product News 📰
We’re covering 30+ product announcements in this week’s issue. There’s no way that I’d be able to parse through each and provide the tl;dr on them while still maintaining my sanity, so I will just link to the updates in one-liners that capture the essence of the new features, capabilities, and products that were released during BlackHat. We’ll be back with more in-depth goodness in the weeks to come!
Application Security
Endor Labs launches Upgrade Impact Analysis and Magic Patches for SCA market
AI Remediation by ArmorCode reduces DevSecOps friction and accelerates security fixes
Apiiro introduces AI-driven ‘Risk Detection at Design Phase’ for enhanced app security
Contrast Security launches new ADR service to bolster application security
Cloud Security
SpecterOps Releases BloodHound v5.13.0 with Hybrid Attack Paths (AD + Entra ID) and Dark Mode 🔥💎
Orca Enhances CDR Capabilities to Fortify Cloud Investigation and Response
Data security
Votiro introduces enhanced data privacy features and integrations
Fortinet acquires Next DLP to extend its data security capabilities
Digital Forensics & Incident Response (DFIR)
New Veeam Data Cloud release delivers Microsoft 365 backup and recovery
Rubrik Partners With Mandiant for Cyber Resilience and Accelerated Incident Response Recovery
Identity Security
Network Security
OT/IoT Security
Fortinet enhances OT security platform with new networking and operational capabilities
Claroty open sources two OT security tools
SaaS Security
Security Operations
Elastic automates SIEM data onboarding with Automatic Import
Cado platform enhances SOC efficiency with AI-driven workflow automation
Cymulate AI Copilot validates security against real-time threats
SentinelOne Launches New Managed Detection And Response Service
Rapid7 releases Command Platform, unified attack defense and response
Swimlane enhances Hero AI with advance case summarization and AI-augmented reporting
Bye For Now!
That’s all for this week. See you next week! 🚀