🎄 TCP #69: SecOps in 2025; Hacker Mindset and Product News
Security Product News | Dec. 11th - Dec. 18th, 2024
Welcome to Issue 69 of The Cybersecurity Pulse! I'm Darwin Salazar, PM at Monad and former Detection Engineer. Each week, I explore the latest security product innovation and industry news.
We're on the cusp of the holidays 🎄, which means that naturally, things are slowing down and we're about to be blitzed with endless (and obvious) yearly predictions. Many of these predictions have been predicted for the past decade and have actually already been realized. Take predictions with a huge grain of salt and always ask yourself if the ‘predictor’ has an agenda or something to sell, as that helps provide more context into why they’re predicting what they’ve predicted. Lastly, predictions from CISOs and practitioners should hold the most weight, as they often don’t have anything to sell you and are simply stating the trends they’re seeing take place in the trenches.
That said, let’s cyber! 🕺🏽
Picks of the Week🎯
SANS Book of the Year: Cyber for Builders
Cyber for Builders is a MUST read for anyone building security products or looking to get a grasp on the business side of security. The book has many nuggets of wisdom that can help founders avoid common pitfalls and learn how to best bring their product to market.
To me, it’s no surprise that it won the SANS DMA Book of the Year award. Huge kudos to my dear friend, who undoubtedly has been a huge difference maker in the security industry over the past several years! 👏🏼 If you don't own a copy yet, grab one here and thank me later!
Security Operations in 2025 and Beyond
Palo Alto Networks has made major strides in the SecOps space this year with their SIEM offering, XSIAM. They've recently released a few predictions for 2025 which may hint at XSIAM's product direction in the coming year. Below are their predictions:
Convergence of CNAPP and SIEM - "Code to Cloud to SOC" 🤔
The SOC will increasingly leverage AI for exposure management.
AI SOC solutions will redefine the human analyst's role.
While it's fairly obvious that the latter two will gain more traction next year, the first one feels like a stretch. A CNAPP is basically 5-7 tools in one unified platform if done right. Not all CNAPP findings are time-sensitive or require real-time monitoring, which is where SIEMs excel. Merging the two would create more noise and management overhead for SecOps teams.
Will be interesting to see how Palo will try to pull this off.
Cultivating a Hacker Mindset in Cybersecurity Defense
This post argues that the hacker spirit is dying out as the security industry becomes more professionalized. I agree and do believe that the most successful blue teamers have spent some time doing offensive security or studying red team tradecraft. Spending time on red enables you to understand attacker motives and attack chain patterns which in turn helps with building detections and in incident response.
If you're a practitioner or a people leader, I highly encourage reading this post and finding ways to instill the hacker DNA within your team(s).
Product News 📰
Pretty light this week on product news so we’ll be covering some interesting fundraising that’s taking place to close out the year.
AI Security
AIMon raises $2.3M to tackle AI Hallucinations
One of the biggest challenges AI adoption has faced is ✨hallucinations✨. While models have gotten more accurate over time, it's still a concern in cybersecurity, military operations, medical diagnostics and other use cases. There’s just very little to no room for inaccurate results in mission-critical operations.
Great to see that there are startups hyperfocusing on solving this and ultimately, increasing human trust in AI. Learn more about AIMon here.
Data Security
Keepit Raises $50 Million for SaaS Data Protection Solution
The data security space remains hot and will continue to for the next gazillion years. Keepit is a Denmark-based startup focusing on SaaS data security + backups which is a much tighter scope than DSPM or DDR solutions on the market today.
I think Keepit is a great acquisition target for large vendors looking to expand their data security offerings. Hyperfocusing on a niche of a much larger problem is a great way to build a moat against the rest of the market. Will be interesting to see what Keepit does next!
Email Security
Sublime Snags $60M Series B for Email Security Tech
Sublime has quickly emerged as a leader in the crowded email security space. Their solution is used (and loved) by Reddit, Netflix, Brex and many more. I haven't fully dug into what sets them apart but the security community loves their product and I'm bullish on their leadership + design team.
Will be great to see what they've got up their sleeves next!
Offensive Security
The latest version of Kali comes with 14 new tools including 4 for Windows pen testing. Most compelling to me is BloodyAD which can perform LDAP calls to domain controllers to perform privilege escalation.
Security Operations
Rubrik introduces Turbo Threat Hunting for faster breach recovery
A huge issue in breach or ransomware recovery is finding the last clean backups across impacted assets. Rubrik recently released a feature that turns this process from weeks/days to minutes. Turbo Threat Hunting can scan up to 75K backups in seconds using pre-computed hashing which eliminates the need for file-by-file scanning to identify altered files. #Innovation
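The general idea behind hash-based hunting across backups, as an added example (not Rubrik's implementation and not code from this newsletter): file hashes are recorded once when each backup is taken, so a later hunt is an index lookup instead of a file-by-file rescan. The backup IDs, paths, file contents and function names are constructed for illustration.

```python
import hashlib
from collections import defaultdict

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def build_index(backups):
    """Run once at backup time: map every file hash to (backup_id, path)."""
    index = defaultdict(list)
    for backup_id, files in backups:
        for path, content in files.items():
            index[sha256(content)].append((backup_id, path))
    return index

def hunt(index, ioc_hashes):
    """Look indicator hashes up in the index; no backup content is re-read."""
    hits = defaultdict(list)
    for h in ioc_hashes:
        for backup_id, path in index.get(h, []):
            hits[backup_id].append(path)
    return dict(hits)

def last_clean(backups, hits):
    """Newest backup taken before the first one that contains an indicator."""
    clean = None
    for backup_id in sorted(b for b, _ in backups):  # ids are ISO dates
        if backup_id in hits:
            break  # stay conservative: distrust everything from here on
        clean = backup_id
    return clean

# Constructed sample: four nightly backups of one host, tampered from the 16th.
GOOD = b"#!/bin/sh\nexec /srv/app/server\n"
BAD = b"#!/bin/sh\n# constructed stand-in for a tampered script\n"
BACKUPS = [
    ("2024-12-14", {"/srv/app/run.sh": GOOD, "/etc/motd": b"hello\n"}),
    ("2024-12-15", {"/srv/app/run.sh": GOOD, "/etc/motd": b"hello\n"}),
    ("2024-12-16", {"/srv/app/run.sh": BAD, "/etc/motd": b"hello\n"}),
    ("2024-12-17", {"/srv/app/run.sh": BAD, "/etc/motd": b"hello\n"}),
]
INDEX = build_index(BACKUPS)

if __name__ == "__main__":
    hits = hunt(INDEX, {sha256(BAD)})
    print("affected backups:", hits)
    print("last clean backup:", last_clean(BACKUPS, hits))
```

The cost of the hunt scales with the number of indicators, not with the number or size of backups, which is why the hashing has to happen at ingest time.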
More SecOps product news ⬇️
Arctic Wolf acquires Cylance from BlackBerry for $160 million
Intezer’s Autonomous SOC Platform Now Available in the Microsoft Azure Marketplace
Bye For Now!
That’s all for this week… See you next week! 👋🏽