TCP #62: Future of SOC Tooling, NHI Index, and Snyk Product Updates
Security Product News | Oct. 1st - Oct. 9th, 2024
Welcome to Issue 62 of The Cybersecurity Pulse! I'm Darwin Salazar, Founding PM at Monad and former Detection Engineer. Every week, I cover the latest in security product innovation and news impacting the industry. If you're serious about staying at the forefront on trends and themes in security, make sure to hit the button below to get my insights delivered straight to your inbox every week!
Welcome to another issue of TCP! 26 days till the US Presidential election and a few hours from Hurricane Milton making landfall in Florida. Prayers out to those impacted by Hurricane Helene and Milton.
A few things to spotlight before we dive in on our Picks of the Week:
Clutch Security's NHI Index is a treasure trove for all cloud security and IAM teams. It's open-source and highly actionable. Access the index here.
The 2025 SANS Detection Engineering survey is open to respondents. Check it out here.
We are now open for sponsorships for the remainder of '24 and Q1 of '25. If you'd like to partner on this front, learn more here and reach out at sponsorships@cybersecuritypulse.org.
In our Picks of the Week, we cover the state of the SOC and take a look at the sentiment and adoption of AI in the SOC.
Now without further ado, let's cyber!
This Week's Sponsor
Triaging and investigating the seemingly never-ending flood of alerts to identify actual threats is a grueling challenge. This constant barrage causes fatigue, missed detections, and over-reliance on ineffective automation, leaving blindspots and a growing backlog of alerts to investigate.
Prophet Security solves these challenges with their breakthrough AI SOC Analyst. Prophet AI is a force multiplier for security operations teams, capable of human-level investigative planning, reasoning and analysis at machine speed and scale. If your security team is overwhelmed with noise, Prophet AI can help you take control.
Picks of the Week
MITRE has recently announced a few major releases:
AI Incident Sharing Initiative - A project to share intel on incidents occurring across "operational AI-enabled systems". Launched as part of MITRE ATLAS.
Added mitigations to EMB3D - EMB3D is a threat model framework and knowledge database. With the recent release, its threat catalog is now accompanied by mitigation guidance.
SOC teams are frustrated with their tools
A survey recently conducted found that... you guessed it... Working in SecOps is a tough job and yesterday's + today's tooling have barely solved the biggest challenges. In my opinion, more tools will never solve all your problems or stop all the attacks. At the end of the day, it'll always come down to people (quantity + quality), culture, processes, and then the type of tech.
That said, let's still take a look at some compelling survey results:
60% of SOC practitioners say threat detection tools create excessive noise and alerts, and 71% believe vendors should take more responsibility for failing to stop breaches.
81% spend over 2 hours daily triaging security events, and 50% feel their tools hinder rather than help, as they can only handle 38% of alerts, with 16% being real threats.
85% report increased AI investment, with 67% noting its positive impact on threat identification.
75% say AI has reduced their workload, 73% report lower burnout, and 89% plan to adopt more AI-powered tools next year to replace legacy systems.
In my opinion, AI will slowly become a staple across all security functions. It's needed and it's inevitable.
Check out this week's sponsor, Prophet AI, to see how their solution is helping SecOps teams solve some of the challenges covered in the survey.
2025 SANS Detection Engineering Survey Now Open
Speaking of surveys and the SOC... SANS, in collaboration with Anvilogic, has recently opened up their 2025 SANS Detection Engineering Survey to capture the state of detection engineering in 2024. If you play any role in detection engineering, check the survey out here!
AI Now a Staple in Phishing Kits Sold to Hackers
Sometimes people ask for data on attackers' adoption of AI and while that's been hard to calculate, most of us know that the adoption rate is HIGH. A recent study done by Egress found that 74.8% of dark web phishing toolkit listings referenced AI, with some toolkits going for as low as $300 and including deepfakes. Not good.
The Value of AI-Powered Identity
Honorable mention. This post takes a look at how AI can be a force multiplier for IAM security.
Product News π°
Product news. My favorite kind of news.
Application Security
Snyk DevSecCon Product Announcements
Snyk recently announced a few major product updates at their annual conference, DevSecCon, taking place yesterday and today (Oct. 9th). To no surprise, they include a heavy dose of AI. Below is a list of the announcements:
AI-Driven Code Fixes (GA): Using their DeepCode AI module, devs can now fix vulns within their IDEs, benefiting from Snyk's homegrown LLMs.
Enhanced Snyk Analytics: Offers deeper insights with Developer and Issue Analytics, integrated with Snowflake AI Data Cloud. Great to see vendors becoming more data centric.
AppRisk Feature Updates: Expands risk prioritization by factoring in app architecture, business value, and runtime state, offering a 360-degree view of app security posture.
Improved Pull Request Workflows: Enables developers to address security concerns directly in SCMs with customized PR summaries and ranked security findings.
Rest of AppSec product news ⬇️
Legit Security Adds Application Security Rating Scorecards to ASPM Platform
Orca Integrates with Azure DevOps Repos to Enhance Shift Left Security
Cloud Security
Resourcely Campaigns Early Access
Resourcely has launched their "Campaigns" feature which enables security teams to bring unmanaged cloud resources under Infrastructure as Code (IaC) and into compliance. This new module is massively impactful for any organization doing IaC and wanting to get their security fully dialed in.
Rest of CloudSec product news ⬇️
Data Security
Harmonic Security Raises $17.5M Series A
Harmonic, a data security for AI startup and RSAC 2024 Innovation Sandbox Finalist, has raised a $17.5M Series A. Their solution sits between tools like ChatGPT, MSFT Copilot etc. and helps detect and block potential sensitive data leaks. DLP on steroids fit for the modern age.
Identity Security
Clutch Security Open-Sources NHI Index
Clutch Security has open-sourced their NHI Index which provides the most comprehensive deep dive on non-human identities that I've seen to date.
It covers what NHIs exist across the big 3 cloud providers, popular SaaS apps, and Code + CI/CD tools. Not only does the catalog tell you what NHIs exist but also where to find telemetry about NHI activity. Lastly, the index includes bad practices and good practices on NHI security.
This index is extremely powerful for all security teams today. Shout out to the Clutch team for this great community asset!
The index can be found here.
Rest of Identity Security product news ⬇️
Security Operations
PagerDuty Adds New AI Features
PagerDuty has added new AI-powered features including:
An AI assistant for Microsoft Teams. Ew but cool if you're at a Microsoft shop.
More fine-grained alert processing features for their Event Orchestration tool
Rest of SecOps product news ⬇️
NinjaOne introduces AI-driven Patch Sentiment feature for enhanced security
Human Security raises $50M+ to expand digital protection platform
Bye For Now!
That's all for this week... See you next week!