📡 TCP #65: Noma; Crowdstrike Acquisition Spree; OCSF; and Product News
Security Product News | Oct 30th - Nov. 6th, 2024
Welcome to Issue 65 of The Cybersecurity Pulse! I'm Darwin Salazar, Founding PM at Monad and former Detection Engineer. Each week, I explore the latest security product innovations and industry news. Stay ahead of security trends and themes by subscribing below to receive weekly digests directly to your inbox. Share with a friend if already sub’d! 📩
Let’s cyber 🕺🏽
Interested in sponsoring The Cybersecurity Pulse and connecting with over 4,100 security professionals across 100+ countries? Learn more below! 🌎
Picks of the Week🎯
Crowdstrike to acquire Adaptive Shield for $300M
Adaptive Shield (AS) is a leader in the SaaS security space, and this acquisition should fit nicely alongside Crowdstrike's long list of products. AS's SaaS identity security capabilities will augment Crowdstrike's Identity Protection platform, its SaaS detection and response coverage across 150+ integrations will give Crowdstrike SIEM customers more visibility, and so on.
Great synergistic pickup by Crowdstrike, their third in the past 12 months. They picked up Bionic for AppSec and Flow Security for Data Security earlier this year.
Microsoft now a Leader in three major analyst reports for SIEM
Microsoft Sentinel SIEM burst onto the scene back in 2019 and has relentlessly been eating up market share. It’s an extremely solid SIEM w/ 340+ OOTB integrations, insanely tight integration with Azure services, and native support for the Microsoft ecosystem of products and telemetry.
It's no surprise to me that Sentinel is a leader in Gartner, Forrester and now, the IDC MarketScape for Worldwide SIEM report.
Fun fact: Sentinel is the first SIEM I cut my teeth on. Below is a webinar I did a while back on using its native query language, Kusto Query Language (KQL).
Sophos mounted counter-offensive operation to foil Chinese attackers
Pretty cool report that highlights how deep the rabbit hole goes when it comes to nation-state actors like Volt Typhoon (APT31/41).
It all started when "On Dec. 4, 2018, a low-privileged computer connected to an overhead display began to scan the Sophos network—seemingly on its own..." Very Cuckoo's Egg / Clifford Stoll-like. Worth a read!
FBI arrested former Disney employee for hacking computer menus and mislabeling allergy info
"A former Walt Disney World employee hacked servers after being fired by the company. He is accused of changing prices, adding profanities, and falsely labeling items as allergy-safe." Jail time, lawsuit and a gazillion hours of community service for this guy. Luckily, Disney detected the menu changes before it brought harm to anyone!!
Definitive Guide to Open Cybersecurity Schema Framework (OCSF) Mapping
Wrangling logs, findings and alerts, and normalizing them all, has been a tremendous challenge for decades, and it has only grown in recent years. It's a huge reason why you always hear about alert fatigue.
Enter OCSF: a set of unified data schemas for different security data types that aims to standardize and clean things up a bit. In this blog post, the SecDataOps maestro himself, Jonathan Rau, walks us through mapping data from different sources to OCSF. A must-read for anyone working with OCSF or thinking about doing so.
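As an added illustration of what "mapping to OCSF" looks like in practice (my example, not code from the guide or the OCSF project), here is a minimal mapper that turns two constructed OpenSSH auth log lines into OCSF Authentication events. The class, category, activity and status ids follow the OCSF 1.x schema; the log year, the schema version string and the severity choice for failed logons are assumptions.

```python
import re
from datetime import datetime, timezone
from typing import Optional

# Constructed sample sshd lines (not real telemetry from any environment).
SAMPLE_LINES = [
    "Nov  4 10:15:02 bastion sshd[2211]: Accepted publickey for alice from 10.0.0.7 port 52114 ssh2",
    "Nov  4 10:16:40 bastion sshd[2230]: Failed password for invalid user admin from 203.0.113.9 port 44122 ssh2",
]

SSHD_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[(?P<pid>\d+)\]: "
    r"(?P<result>Accepted|Failed) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port (?P<port>\d+)"
)

# OCSF 1.x Authentication class: category 3 = Identity & Access Management,
# class 3002 = Authentication, activity 1 = Logon, type_uid = class_uid * 100 + activity_id,
# status 1 = Success / 2 = Failure, severity 1 = Informational / 3 = Medium.
CATEGORY_UID, CLASS_UID, ACTIVITY_LOGON = 3, 3002, 1
STATUS_SUCCESS, STATUS_FAILURE = 1, 2


def sshd_to_ocsf(line: str, year: int = 2024) -> Optional[dict]:
    """Map one sshd auth line to an OCSF Authentication event; None if the line does not match."""
    m = SSHD_RE.match(line)
    if not m:
        return None
    # Syslog timestamps carry no year, so the caller supplies one (assumed 2024 here).
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S").replace(tzinfo=timezone.utc)
    ok = m["result"] == "Accepted"
    return {
        "category_uid": CATEGORY_UID,
        "class_uid": CLASS_UID,
        "activity_id": ACTIVITY_LOGON,
        "type_uid": CLASS_UID * 100 + ACTIVITY_LOGON,
        "time": int(ts.timestamp() * 1000),  # OCSF time is epoch milliseconds
        "severity_id": 1 if ok else 3,  # failed logons bumped to Medium: a mapping choice, not a rule
        "status_id": STATUS_SUCCESS if ok else STATUS_FAILURE,
        "auth_protocol": "SSH",
        "user": {"name": m["user"]},
        "src_endpoint": {"ip": m["ip"], "port": int(m["port"])},
        "dst_endpoint": {"hostname": m["host"]},
        "metadata": {"version": "1.1.0", "product": {"name": "OpenSSH", "vendor_name": "OpenBSD"}},
        "unmapped": {"auth_method": m["method"], "pid": int(m["pid"])},  # fields with no schema home
        "raw_data": line,  # keep the original line for forensics and re-mapping later
    }


def map_sshd_lines(lines: list[str]) -> list[dict]:
    """Map a batch of lines, silently dropping ones the parser does not recognize."""
    return [ev for ev in (sshd_to_ocsf(l) for l in lines) if ev is not None]
```

The point of `unmapped` and `raw_data` is that normalization should never be lossy: anything the schema cannot express still travels with the event.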
Product News 📰
Product news. My favorite kind of news.
Application Security
Noma Security emerges from stealth w/ $32M Series A
This is a very interesting and exciting one. Noma takes a holistic approach to securing AI apps and models, from the dev phase through post-deployment. They take into consideration all the key players and avenues in model and app building + tuning, including data engineers, data scientists, developers and infra engs.
This means they provide security coverage for the key tools each of these functions relies on, including Jupyter notebooks, MLOps data pipelines, open-source models, data warehouses, etc. They also provide AI/ML-BOM generation capabilities, which help you understand the supply chain behind a model's components and the data it has been trained on. The screencap below covers features + capabilities a bit more:
Notable backers of Noma are Glilot Capital and Ballistic Ventures. Kudos to the Noma team!
More AppSec product news ⬇️
Cloud Security
Wiz released AI-powered remediation v2
Prioritization and remediation are extremely difficult challenges to solve for. It’s a huge reason why findings go unresolved for months or... forever. There is no one-size-fits-all when it comes to remediation of cloud misconfigs, vulns, etc. Lots of ppl and process bloat, along with the risk of inadvertent downstream impacts like closing off an important port on a production K8s cluster.
That’s why it’s cool to see that Wiz has launched an updated version of their remediation module, which takes into consideration as much context about the customer’s environment as possible and proposes multiple different remediation strategies.
We always hear that there are too many tools producing too much signal, and that remediation guidance is typically an afterthought. It’s sad but true. Remediation is the last-mile effort where value is realized from security tools, imo. So, big kudos to the Wiz team for continuing to make the life of practitioners easier.
More cloud security product news ⬇️
Data Security
Last week, I mentioned that the data security space was scorching hot, and a few hours later MIND security came out of stealth w/ an $11M seed round led by YL Ventures. They’re a DLP solution bordering on DSPM, considering their full suite of features. Below is more news from the data security space:
BigID DSPM Starter App enhances data security posture for Snowflake customers
Fortinet Unveils AI-Powered FortiDLP Solution to Boost Data Security & Insider Risk Management
Security Operations
SentinelOne Puts More Features Behind the Autonomous SOC Vision
Let's Grow Together!🫱🏽🫲🏻
Are you looking to boost your brand's visibility? Partner with us! Sponsoring TCP not only helps us continue to bring you the latest in security innovation, but it also connects you to a dedicated audience of over 4,000 CISOs, practitioners, founders, and investors across 100+ countries 🌎
Bye For Now!
That’s all for this week… See you next week! 👋🏽