The 10 Hottest Cybersecurity Products At Black Hat 2022
From new enterprise browser technology to a new MDR mobile app, here are 10 of the hottest product launches and updates unveiled at the annual security conference in Las Vegas.
Needless to say, it was hot at Black Hat USA 2022 in Las Vegas this week, both in terms of the weather and the caliber of new products and updates unveiled during the cybersecurity conference.
Thousands of vendors, channel players and other cybersecurity folks descended on the gambling mecca for the 25th Black Hat conference held at the Mandalay Bay Hotel and Casino in Las Vegas.
Not surprisingly, most of the talk was about the relentless uptick in cyberattacks conducted by cybercriminals, nation-state players and other hackers—and the best tools being developed these days to counter the numerous ways cyberhackers are trying to penetrate organizations’ systems.
Following is a look at 10 of the hottest product launches and updates from Black Hat, via the following companies:
* Concentric AI
* Seraphic Security
Protecting remote workers and the tools they use to communicate has become a top priority for cybersecurity experts. Enter Concentric AI, which used Black Hat USA 2022 to launch a new security offering to protect sensitive data across popular business email and messaging platforms, including e-mail, Slack and Microsoft Teams
According to the company, the new capabilities are available as part of the Concentric Semantic Intelligence platform and they autonomously evaluate and manage data security to help security professionals.
“E-mail, Slack and Teams are double-edged swords,” said Karthik Krishnan, CEO of San Jose, Calif.-based Concentric. “They’re unmatched as productivity tools, but they also create huge potential for data loss. Malicious actions or human error can easily expose business-critical data to unauthorized users. With Concentric, employees can continue collaborating and keep their operations humming without exposing the organization to regulatory violations, intellectual property loss or data breaches.”
One of the keys to security is simply limiting access to sensitive data. At Black Hat USA 2022, New York-based BigID unveiled new features to its privacy and data protection platform that will allow security officials to reduce data vulnerabilities, via what the company is calling an “industry-first” automatic remediation to manage access and permissions on overexposed data and over privileged users.
“With these latest features, security teams can natively enforce access control changes to protect against data breaches, insider threats, and elevate data security posture,” the company said in a statement.
So many security vulnerabilities today trace back to remote working—and security experts are increasingly eyeing the need for safe enterprise browsers as a way to further protect data.
At Black Hat 2022, Tel Aviv, Israel-based Seraphic Security, after two years of development, came out of stealth mode to unveil its new browser security offering for enterprises. The company says its solution works across any browser (including Chrome, Edge, Safari, Firefox and others) and any device.
“Our technology is enabling us to bring security into any browser used by the employee, without the need to migrate to a different browser or make any changes to the user’s browsing experience,” said Ilan Yeshua, co-founder and CEO of Seraphic. “This is a huge advantage for end-users, ensuring uncompromised productivity and substantially reducing complexity for the security team.”
Talk about taking work home with you. Boston-based Cybereason, an XDR provider, unveiled at Black Hat 2022 a new mobile Managed Detection and Response (MDR) application that allows security officials to get alerts and updates from a Cybereason Security Operations Center at the touch of a cellphone button.
In a statement, the company said the new app helps “empower security analysts to quickly understand the full scope of attacks” in real- ime, particularly during traditional non-work hours when many attacks occur.
Lior Div, CEO of Cybereason, called the new MDR mobile app a “game-changer” for customers dealing with malicious activities “coming during off-peak work hours.”
Cybersixgill, a threat intelligence provider based in Tel Aviv, Israel, released its new Dynamic Vulnerability Exploit (DVE) Intelligence offering that it says will streamline vulnerability analysis to help companies reduce risk by accelerating their time to response. Cybersixgill said its new DVE Intelligence features substantial updates to its previous DVE Score.
“Given the high volume of attacks using vulnerability exploitation as the initial means of infiltration, companies are in need of vulnerability management solutions that give them the data and context they need to fully understand where their greatest business risks lie,” said Gabi Reish, chief business development and product officer for Cybersixgill. “Our new DVE Intelligence delivers the broadest range of contextual data.”
SentinelOne used the Black Hat 2022 conference to unveil its new XDR Ingest, which the Mountain View, Calif.-based cybersecurity company said will provide its customers with a “limitless dataplatform to ingest, retain, correlate, search and action all enterprise security data—real time and historical, from any source.”
“Cybersecurity is a data problem,” said Nicholas Warner, president of security at SentinelOne. “SIEM has been the de facto technology for retaining security data and applying security analytics to uncover and respond to threats. But the ingestion process is arduous and retention prices are high—particularly for historical data. … XDR Ingest solves these technology, people and process problems, and we’re very excited for SentinelOne customers to thrive in the XDR era.”
Tenable, the vulnerability management company based in Columbia, Md., unveiled at Black Hat 2022 additions to its Tenable Cloud Security. Paired with its Tenable Cloud Security Live, Tenable Cloud Security Agentless Assessment is designed to help organizations remediate vulnerabilities faster and prevent zero-day bugs from being exploited.
The company said the new addition unifies Tenable’s cloud security posture and vulnerability management tools into a single, agentless solution.
“Tenable Agentless Assessment represents a monumental step forward in cloud vulnerability scanning technology,” said Glen Pendley, CTO of Tenable, in a statement.
“As the period from vulnerability disclosure to exploitation shrinks, cybersecurity teams have even less time to respond. Tenable Cloud Security is an Easy Button that takes the time-consuming manual labor out of the equation, proactively detecting and assessing vulnerabilities in near real time.”
Leaked and stolen credentials are a prime way for cyberattackers to penetrate organizations’ systems. To combat the problem, Pentera, provider of automated security validation and with offices in Boston and Tel Aviv, Israel, unviled during Black Hat 2022 its new Credential Exposure, a new module on the Pentera platform for testing stolen and compromised credentials across the entire enterprise attack surface.
According to the company, the new module “leverages data from billions of real-world leaked credentials to expose compromised identity threats to internal and external attack surfaces.”
In a statement, Ran Tamir, chief product officer at Pentera, said the new module offers customers a “unique solution of actionable threat intelligence based on credentials that are already available online. This enables continuous validation of account exposure and a remediation plan before the accounts are compromised“.
Cybersecurity vendor CrowdStrike used the Black Hat 2022 conference to introduce new AI-powered indicators of attack (IoAs), delivered on its CrowdStrike Falcon platform and powered by the CrowdStrike Security Cloud.
Austin, Texas-based CrowdStrike’s new detection and response capabilities are intended to “stop emerging attack techniques and enable organizations to optimize the threat detection and response life cycle with speed, scale and accuracy.”
In a statement, Amol Kulkarni, chief product and engineering officer at CrowdStrike, noted that his company was a pioneer in IoAs.
“Now, we are changing the game again with the addition of AI-powered Indicators of Attack, which enable organizations to harness the power of the CrowdStrike Security Cloud to examine adversary behavior at machine speed and scale to stop breaches in the most effective way possible,” he said.
On the heels of Mimecast’s recent takeover by Permira, Mimecast unveiled during Black Hat 2022 its latest update to its email and business communications security platform. In a statement, the company, which is based in London with North American headquarters in Boston, said its Mimecast X1 platform is designed to “mitigate risks associated with hybrid work and the expanded attack surface that has resulted in a slew of new security risks.”
“The introduction of the Mimecast X1 Platform represents an important next step in our company’s transformational journey,” Peter Bauer, CEO of Mimecast, said in a statement. “With the adoption of [new] solutions, more organizations and employees at all levels can work protected by receiving critical security benefits at lower costs and with easy deployment options.”