20 Hottest Cybersecurity Products At RSAC 2022
Pindrop, Randori and Abnormal Security were among the companies that stood out to CRN during RSA Conference 2022.
A tool that monitors voice verification fraud, IBM’s latest acquisition and an artificial intelligence-based platform for email security were among some of the standout offerings from vendors at the annual RSA Conference.
Pindrop, Randori and Abnormal Security were among the companies that came to San Francisco to exhibit their software for more than 20,000 attendees gathered for the first in-person RSAC in two years.
Big tech names including Microsoft, Google and CrowdStrike also exhibited and spoke on panels that touched on cybersecurity best practices, training and regulation.
[RELATED: RSA Conference 2022: News And Analysis ]
Who attended RSA Conference 2022?
Cybersecurity funding appears to be strong for the long run, even as economists watch for signs of a pending recession from inflation in the United States, the Russian invasion of Ukraine and other events worldwide.
Venture capital funding for cybersecurity startups hit nearly $6 billion in the first quarter of 2022, up almost 50 percent from the first quarter of 2021. But first quarter funding was down from the $8.2 billion raised in the fourth quarter of 2021, according to Crunchbase.
Here are some of the cybersecurity offerings you need to know about in 2022, as seen at RSAC 2022.
Voice technology provider Pindrop used RSA Conference 2022 to announce new offerings.
New features for its voice security technology include ways to predict age range, predict spoken language and monitor voice verification fraud, according to the Atlanta-based company.
In May, Pindrop announced a new partnership with Google Cloud to build new authentication services for Google Cloud’s Contact Center AI.
Pindrop has raised more than $212 million to date, according to Crunchbase. It was founded in 2011.
During the RSA Conference, SentinelOne unveiled a vulnerability mapping feature that uses its multiple offerings from the company to automate threat hunting, detection and response.
The Mountain View, Calif.-based publicly-traded cybersecurity platform provider promises that the feature delivers vulnerability assessment, prioritization and remediation at machine speed.
Vulnerability mapping brings in capabilities from SentinelOne’s Ranger Internet of Things (IoT) network discovery tool and Storyline Active Response (STAR) endpoint detection and response (EDR) tool, according to the company.
Application security services provider Invicti Security was on the floor of RSA Conference 2022.
The Austin, Texas-based company recently added a software composition analysis (SCA) offering meant to help companies with tracking, scanning and securing open source components in applications to combat against vulnerabilities such as Log4Shell.
In Invicti’s interactive application security testing (IAST) module, the company recently added a Node.js sensor and support for bridge URL. The company also added support for GraphQL-based application programming interfaces (APIs) in Invicti Enterprise.
Last year, Invicti received a $625 million investment from private equity firm Summit Partners to support continued growth and product development initiatives.
IBM And Randori
On day one of RSA Conference 2022, IBM announced the upcoming acquisition of fellow showroom exhibitor, Randori.
Waltham, Mass.-based Randori provides attack surface management and offensive cybersecurity services. It is IBM’s fourth acquisition of 2022, according to the company.
Armonk, N.Y.-based IBM plans to integrate Randori’s offerings with IBM Security QRadar’s extended detection and response (XDR) capabilities. Security teams can use insights from Randori fed into QRadar XDR for real-time attack surface visibility. It will also use Randori’s continuous automated red teaming (CART) capabilities to improve X-Force Red’s hacker lead offensive security services.
IBM will also use Randori insights to improve its managed security services offering for thousands of clients.
Founded in 2018, Randori had raised more than $29 million in funding before the announcement, according to Crunchbase.
The company previously raised a $20 million Series A round of funding in 2020, led by Harmony Partners and with participation from existing investors Accomplice, .406 Ventures and Legion Capital, according to Randori.
Fresh off a Series B round of fundraising, DoControl offers an automated data access controls platform for software applications.
The New York-based company raised $30 million in April to scale its data security offerings, launch channel and partnership programs and grow globally. The company raised its $10 million Series A round last year.
In January, DoControl announced its first no-code security workflows, providing actions, triggers, remediation steps and paths in a drag-and-drop canvas for IT and security employees.
Founded in 2020, DoControl has raised more than $43 million in funding to date, according to Crunchbase.
Snyk Developer Security Platform
Snyk’s recent investments in its channel include the Technology Alliance Partner Program (TAPP) launched in April and the Global Service Provider program launched in March.
In February, the Boston-based developer security services provider announced the purchase of Fugue, a cloud security and compliance company, to add its cloud security posture management offerings to Snyk’s portfolio.
HashiCorp made a series of product updates leading up to RSA Conference 2022.
The San Francisco-based publicly traded security company made Terraform 1.2 generally available for multi-cloud provisioning and automation. The latest version has new ways to raise errors, validate dynamic module inputs and improvements to cloud integration with continuous integration and continuous deployment, according to the company.
HashiCorp also released Boundary 0.8 and Boundary Desktop 1.4.3, providing users with new health monitoring observability metrics, event logs and worker tags support in the administrator’s user interface.
Orca Cloud Security
Recent product developments from Orca Security include a context-aware security offering to identify and prevent cloud application security issues earlier in the development cycle and an attack path analysis and business impact score for cloud-native applications
The Portland, Oregon-based company announced in May the context-aware security offering, which considers the current runtime environment and deployed code to improve accuracy and monitors production environments for risks with contextual and prioritized alerts, among other actions, according to the company.
In March, Orca announced the attack path analysis and business impact score, which uses vulnerabilities, misconfigurations, trust privileges and other cloud risks and insights to find the most critical attack paths to sensitive data. Users can use a dashboard to visualize organizational risk, cutting down on alerts and the time to remediate.
Orca has raised more than $631 million since its founding in 2019. The company raised $550 million in a Series C funding round last October, when the startup was valued at $2 billion.
The company’s Orca Cloud Security Platform identifies, prioritizes, and remediates security risks and compliance issues across Amazon Web Services, Azure, Google Cloud and Kubernetes, according to the company.
Palo Alto Networks
Representatives with Palo Alto Networks were on site at RSA Conference 2022 to discuss new features in the company’s Prisma cloud-native security offering.
In March, the Santa Clara, Calif.-based publicly traded cybersecurity company announced a supply chain security offering to show potential vulnerabilities or misconfigurations in the software supply chain.
In February, Palo Alto Networks launched new capabilities for Prisma SASE aimed at managed service providers. The new capabilities include a hierarchical multi-tenant cloud management portal and open API framework.
Dynatrace’s recent investments in its software intelligence offerings include the recent extension of artificiation intelligence operations (AIOps) capabilities for leading database environments, including Oracle and Microsoft SQL.
The Waltham, Mass.-based publicly traded company announced in April that the extensions aim to help employees automatically surface and act on issues such as inefficient database queries. Recently released application program interface (API) endpoints also promise to allow observability-as-code practices to databases, according to Dynatrace.
In February, Dynatrace launched a development security operations (DevSecOps) automation partner program to improve integrations with Dynatrace’s platform and outside offerings. It also rolled out an enhanced application security module for real-time, automatic attack detection and blocking for injection attacks exploiting Log4Shell and other critical vulnerabilities.
Google Cloud subsidiary Chronicle Security announced some major updates leading up to RSA Conference 2022.
The Mountain View, Calif.-based Chronicle Security in April introduced new YARA-L functions for string matching, regex matching, timestamp operations and arithmetic operations in the Chronicle detection engine.
In March, Chronicle announced a public preview of context-award detections to make alerts more functionally enabled and improve detection and response.
Google has big plans for Chronicle following the announced acquisition of Siemplify, with plans to integrate the security orchestration, automation and response (SOAR) provider with Chronicle.
In May, Abnormal Security closed a $210 million Series C round of financing to improve its artificial intelligence-based platform for email security and grow in Europe and Asia.
The San Francisco-based startup tripled its annual recurring revenue and doubled its employee headcount over the past year, according to Abnormal. It counts among its clients Xerox, Hitachi Vantara and Groupon.
It announced its integrated cloud email security (ICES) platform in October, giving users an email security platform powered by behavioral AI and integrated with Microsoft 365.
Founded in 2018, Abnormal has raised more than $283 million in funding to date, according to Crunchbase.
Sysdig’s investments in improving its unified container and cloud security offerings include the recently announced Sysdig Advisor troubleshooting feature for Kubernetes.
The San Francisco-based company announced the new feature in May, promising users a single view of performance and event information to decrease the number of tools needed to solve issues.
In April, Sysdig revealed Risk Spotlight, a vulnerability prioritization feature based on runtime intelligence meant to reduce alert noise and prioritize remediation.
Earlier this year, Sysdig announced new investment in its channel program, promising to sell through partners to smaller customers and pledging more training, incentives, go-to-market funding, support and other resources for partners.
Founded in 2013, Sysdig has raised more than $729 million to date.
Publicly traded cybersecurity company CrowdStrike used RSA Conference 2022 to unveil an asset graph database powered by its security cloud to provide users a 360-degree view of managed and unmanaged assets.
The Austin, Texas-based company’s asset graph also aims to provide more attack surface visibility across devices, users, accounts, applications, cloud workloads and operational technology (OT).
CrowdStrike’s other graph technologies include threat graph and intel graph, according to the company.
Mandiant Digital Risk Protection
The Reston, Va.-based publicly traded cybersecurity company launched the service to provide users visibility outside of their network, including high risk attack vectors, malicious orchestration from the deep and dark web as well as campaign execution on the open web, according to Mandiant.
On the first day of RSAC, a ransomware group claimed that it had attacked Mandiant and was prepared to release internal files. But the released files appear to not have come from Mandiant, according to Motherboard.
Earlier this month, security operations services provider ReliaQuest announced that it plans to buy threat intelligence services provider Digital Shadows for $160 million.
Tampa, Fla.-based ReliaQuest plans to combine the new threat intelligence and digital risk offerings with its detection and response services for cloud, network and endpoint environments. ReliQuest offers the GreyMatter c
The additional offerings from San Francisco-based Digital Shadows promise to increase visibility, reduce complexity, manage risk and decrease response time, according to ReliaQuest.
The deal has been approved by both companies’ boards and is subject to regulatory approvals, according to ReliaQuest.
Kaseya subsidiary IT Glue received new capabilities leading up to the RSA convention.
In April, Canada-based IT Glue announced an automated account backup feature for exporting data with adjustable cadence, according to the company. IT Glue also now sports advanced checklists and an integration for automated services billing through BMS and IT Glue.
This year, Kaseya announced that it will pay $6.2 billion for publicly traded data backup services provider Datto.
On the second day of RSA Conference, BlackBerry announced an upcoming CylanceGateway zero trust network access (ZTNA) tool to provide users with a contextual correlation of network and device telemetry with continuous authentication to limit access to trusted, authenticated, and known users and devices.
The Canada-based company promises that its tool can help protect against ransomware and other cybersecurity threats by securing access from any device on any network, use Cylance artificial intelligence to reduce risk and provide zero-day phishing detection, according to the company.
The tool also provides secure connectivity for bring-your-own-device (BYOD) deployments including connections to Microsoft 365, and it detects lateral movement attempts with the Mitre Att&ck framework rules, according to BlackBerry.
In April, identity security company SailPoint unveiled two new product suites – SailPoint Identity Security Cloud Business and SailPoint Identity Security Cloud Business Plus.
The Austin, Texas-based company promises that its SailPoint Identity Security Cloud Business package can provide users with essential identity security capabilities to start an identity security journey built with artificial intelligence and machine learning, according to the company.
SailPoint Identity Security Cloud Business Plus comes with more offerings to discover, secure, and manage identities across an entire hybrid infrastructure.
Cisco Security Cloud
Cisco detailed this week its new overarching security strategy that will start with a single platform. The tech giant also took to RSA 2022 to launch its second—and eagerly awaited—everything-as-a-service Cisco Plus offer for unified Secure Access Service Edge (SASE).
Cisco Security Cloud is the basis of the San Jose-based networking giant
security plan for the future. The unified, open-standards-based platform will ensure security across hybrid and multi-cloud environments with capabilities for securely connecting people, applications and devices located anywhere. The platform will include threat prevention, detection, response and remediation at scale, with no vendor lock-in, according to the company.
Similar to the approach Cisco took with its flagship Webex collaboration platform, the company has been working on Cisco Security Cloud for some time and will continue to develop the platform over the next several years, Jeetu Patel, Cisco executive vice president and general manager of security and collaboration, told CRN.