10 Hot AI Cybersecurity Tools At RSAC 2024

Vendors including Palo Alto Networks, Trellix and Proofpoint debuted new AI-powered security tools and capabilities this week during the conference.

Hot AI Cybersecurity Tools

Without a doubt, this year’s RSA Conference in San Francisco has lived up to expectations when it comes to the focus on generative AI. RSAC 2024 has seen countless vendors unveil new security tools and capabilities leveraging large language model technology, and for the second year in a row, GenAI has been ubiquitous in conversations around the show.

Vendors including Palo Alto Networks, Trellix and Proofpoint were among the many that debuted new AI-powered security tools and capabilities this week during the conference.

What follows are 10 hot AI cybersecurity tools at RSAC 2024.

Dazz: Unified Remediation Platform Updates

Cloud security startup Dazz unveiled new capabilities for its Unified Remediation Platform, which is focused on improved prioritization and remediation of cloud vulnerabilities. The new capabilities include automated code-fixing for vulnerabilities in containers as well as AI-powered guidance on remediation. The updates will “enable cybersecurity teams to use AI and automation to prioritize critical issues, fix them faster with less human intervention, and present a unified view of vulnerability management and risk to auditors and stakeholders,” the company said in a news release.

Palo Alto Networks: Precision AI

Palo Alto Networks unveiled its new Precision AI capabilities across its product portfolio Tuesday, along with several tools for protecting the use of GenAI itself.

“Today, the security we can give [to] customers is now enabled by various forms of machine learning and AI to make sure that we are using the bleeding-edge technologies to protect you — which we are concerned that bad actors might use to attack you,” CEO Nikesh Arora said during comments at the announcement event. “The only way to fight AI is with AI.”

Meanwhile, Palo Alto Networks also announced a number of new tools for protecting the use of GenAI itself, including AI Access Security for securing the use of AI apps; AI-SPM (security posture management) for identifying vulnerabilities in AI models; and AI Runtime Security for securing against runtime threats such as prompt injections.

Additionally, Palo Alto Networks announced three copilot assistants powered by GenAI — Strata Copilot, Prisma Cloud Copilot and Cortex Copilot.

Trellix Wise

Trellix announced a news suite of AI and GenAI capabilities, Trellix Wise, aimed at bolstering the reduction of cyber risk using its extended detection and response (XDR) platform. Trellix Wise “extends across the Trellix XDR Platform to discover and neutralize threats more efficiently while lowering security operations costs,” the company said in a news release. Key functionality includes automation of workflows along with improved efficiency for analysts and enhanced prevention, detection, remediation and investigation of threats, according to Trellix.

Protect AI: Sightline

Protect AI announced a new database for vulnerabilities affecting AI/ML supply chains. The database differs from traditional vulnerability offerings by “providing deep insights into known and emerging AI/ML vulnerabilities,” paired with an early-warning system that enables organizations to protect against threats “an average of 30 days before they appear in the National Vulnerability Database (NVD),” the company said in a news release. The offering leverages Protect AI’s acquisition of huntr and ultimately provides a “comprehensive vulnerability database that surpasses traditional sources with original security research tailored to AI and ML technologies,” the company said in the release.

Adaptive Shield: SSPM Capabilities

Adaptive Shield introduced news SaaS Security Posture Management (SSPM) capabilities that offer detection and response for AI-powered applications, with the aim of reducing GenAI-related risks. Key functionality includes security posture capabilities for AI apps; hygiene and risk scoring; “detailed” security checks that are “filterable by domain, severity, or compliance framework”; and AI configurations to help with controlling security settings related to AI, the vendor said.

SentinelOne: Auto-Investigation

SentinelOne debuted a major new automated investigation capability on its Singularity Platform, powered by its Purple AI technology. Auto-Investigation is “where Purple is conducting the investigation on your behalf,” Ric Smith, SentinelOne’s chief product and technology officer, told CRN.

Security Operations Center teams are “hyper-burdened with alerts,” Smith said. “We're trying to make it such that this [technology] can go through and deal with the investigation on behalf of the analyst. It’s basically burning down that backlog and burning down risk, which has never been done before.”

Proofpoint: LLM-Based Detection

Proofpoint unveiled new capabilities for its email security offerings including LLM-based detection that analyzes emails prior to delivery, as well as after delivery and at the time of a click. The new capabilities take just milliseconds to analyze emails before they are delivered, Proofpoint CEO Sumit Dhawan told CRN during an interview at RSAC.

But then, “our models keep running post-delivery so that we can keep checking — and within a minute after delivery, before someone has read [an email], we can take it out. That’s an industry-first,” Dhawan said.

Torq HyperSOC

Security hyperautomation firm Torq showcased its recently launched HyperSOC offering, which enables organizations with automation, management and monitoring for “critical SOC responses at machine speed,” the company said in a news release. Using natural language processing, the offering can initiate and expedite investigations of security events while also assisting with triage and remediation, Torq said. HyperSOC ultimately delivers “comprehensive case management capabilities with unprecedented ease” along with automation for complex processes, according to the company.

Deep Instinct: DIANNA

Deep Instinct debuted its Artificial Neural Network Assistant (DIANNA), which the company called the industry’s “first AI-based cybersecurity companion that provides explainability into unknown threats.” DIANNA enables a “prevention-first” approach to security through offering improved static malware analysis that “no other solution on the market can replicate,” the company said.

SlashNext GenAI for Spam and Graymail

SlashNext announced what it’s calling the “first spam and graymail detection and filtering solution” leveraging generative AI, with the debut of SlashNext GenAI for Spam and Graymail. The offering provides improved accuracy with “near-zero” rates for false positives, the company said. The tool utilizes AI classifiers that are “specifically trained to identify different categories of spam and unwanted graymail, such as marketing ads, sales outreach, newsletters and announcements,” the vendor said in a news release.