10-Plus Hot New Security Products Launched At Black Hat 2015

Big Products At Black Hat

Security vendors took advantage of one of the biggest security conferences of the year to launch some of their hottest new security products. At Black Hat 2015, companies launched new mobile, cloud and endpoint security offerings and formed partnerships with their peers for joint solutions to address some of security's biggest challenges.

Take a look at some of the new products and partnerships unveiled at the event.

Checkmarx Mobile Application Security

Application security startup Checkmarx is going mobile with the launch of an enhanced mobile application security solution at Black Hat. As mobile devices continue to multiply, CEO Emmanuel Benzaquen said in a statement that there is more need than ever to build in application security from the get-go to protect information. The new offering allows for static analysis of native and hybrid applications for vulnerabilities and adds enhanced functionality around development framework PhoneGap and iOS 9.

"Enhancing our security offering to include the most popular ways to create mobile applications makes it that much easier for developers to ensure that their source code is secure during the development process, ultimately providing greater peace of mind for the consumers using the applications," Benzaquen said in a statement.

CloudLock Cybersecurity-as-a-Service

Cloud security startup CloudLock rolled out what it claims is the industry's first Cybersecurity-as-a-Service offering for any cloud environment. The series includes a Software-as-a-Service offering for securing SaaS applications, a solution for securing Platform-as-a-Service offerings, a solution that provides visibility into Infrastructure-as-a-Service offerings such as AWS and Azure, and an Identity-as-a-Service offering to help identify anomalous user activity. In addition to the series of cloud security offerings, CloudLock rolled out expanded API capabilities to ISVs.

CounterTack, Blue Coat Integration

Fresh off a $25 million Series C funding round and the recent acquisition of ManTech Cyber Solutions International, CounterTack unveiled a formal integration with Blue Coat's Content Analysis System and Security Analytics. Through the CounterTack Sentinel platform, the partnership allows for more threat intelligence from the network to be funneled into actionable intelligence for the endpoint, and vice versa.

"Our integration is unique in that either technology can detect threats effectively, or both platforms can perform the analysis or response necessary based on severity levels, root cause determined and assets impacted. We look forward to the go-to-market possibilities with a truly integrated EDR-network security solution," said Avi Legmann, senior vice president, business development, CounterTack | MCSI, in a statement.

Check Point Mobile Threat Prevention

Check Point Software Technologies launched Check Point Mobile Threat Prevention, a solution targeting all of a company's mobile threat prevention needs. The solution includes advanced threat protection, full visibility and threat intelligence, seamless deployment that integrates with a company's MDM solution, and a cloud-based dashboard. With a growing number of mobile devices in the enterprise, Check Point said it is increasingly important that companies have the right level of visibility and actionable intelligence to mitigate BYOD threats.

"Mobile devices are entering the enterprise at a faster rate than ever before, yet most organizations have failed to protect them or their users,’ said Dorit Dor, vice president, products, Check Point Software Technologies, in a statement. "Providing protection and preventing data leakage in a way that BYOD users easily accept is critical for success."

SentinelOne Endpoint Protection Platform

Just before the Black Hat conference, SentinelOne unveiled its Endpoint Protection Platform, an endpoint security solution that has been certified by AV-TEST. The certification is important because it allows customers to replace their existing antivirus solutions with the new SentinelOne offering while still maintaining compliance standards. The solution combines traditional signature technology with next-generation endpoint capabilities to protect against advanced malware and exploits using dynamic execution inspection technology. Beyond detection, the solution also offers mitigation, remediation and forensics capabilities.

Comilion

While many companies recognize the importance of collaboration for security, many highly regulated companies face compliance, corporate or government rules that prevent them from sharing threat information. Comilion is looking to change that by enabling more collaboration in the security industry with its platform to enable secure and private bidirectional collaboration. The platform, which integrates with existing security infrastructures, shares threat indicators, malicious activity, security trends and more. To protect company and user information, the platform uses Traffic Light Protocols, data protection standards, a relevancy-based sharing model and more. It is available to top-tier enterprises.

Farsight Security's Security Information Exchange

Farsight Security upgraded its Security Information Exchange at Black Hat, adding new capabilities for Internet security. The solution is designed to aggregate information from more than 500 global sensors, providing users with important insight into online cybercriminal activity. Additions to the Security Information Exchange include Newly Observed Hostnames to track infringing domains and malicious host names, DNS Changes to track domain name configuration changes, DNS Errors to track unsuccessful DNS queries, and NXDomains to track failed domain requests. The new solutions are available via subscription on the company's Security Information Exchange.

Tanium, Palo Alto Networks Partnership

Palo Alto Networks teamed up with red-hot endpoint management and security startup Tanium. The exclusive agreement brings together an integrated offering for automated threat detection and incident response, where Tanium will receive malicious indicators from Palo Alto's Wildfire solution to identify compromised endpoints and take fast remediation steps. Tanium also will provide Palo Alto with malicious indicators it detects on the endpoint. The partnership helps solves the problem of a large number of alerts coming in separately from the network and the endpoint, with a lack of integration to provide visibility or remediation upon detection.

Gurucul Self-Audit Portal

Gurucul expanded its Risk Analytics platform at Black Hat, adding a Self-Audit Portal to allow companies to review high-risk activity to find anomalies. The enhancement, which will be available for free to all Gurucul platform customers, enables privileged users to review cloud and internal network activity. The idea is that insiders with more context into an organization's movements can better detect an anomaly or threat before it becomes a problem.

"The Self-Audit Portal [enlists] privileged users, who can immediately recognize anomalous activity associated with their accounts when they see it, to help contain threats that only they could detect in the early stages of an attack," said Saryu Nayyar, CEO of Gurucul, in a statement.

WhiteHat Security, Prevoty Partnership

Web security vendor WhiteHat Security unveiled a partnership with application monitoring and protection company Prevoty at Black Hat. The partnership will allow WhiteHat's Software-as-a-Service customers to add on application attack detection and prevention tool Runtime Application Self-Protection. The partnership is a win for customers who are looking to innovate applications quickly, without sacrificing security, according to the companies. In particular, the partnership provides visibility, improved vulnerability management and remediation steps.

Trustkit

Launched through a partnership between Yahoo and mobile app security company Data Theorum, Trustkit is an open-source toolkit to help developers with SSL pinning on their applications. The SSL pinning allows developers to prevent eavesdropping on data connections using certificates. Instead of a time-consuming development process used in the past, the toolkit provides a "drag-and-drop" solution for SSL pinning into Apple's SecureTransport solution and provide a mechanism to report pinning failures. It is currently available for Yahoo mobile developers.