25 Security Innovations Unveiled At RSA 2015
Front And Center
Security startups and legacy players alike took advantage of the industry's largest event of the year to launch new products and updates. At the 2015 RSA Conference in San Francisco this week, new products and updates were rolled out, including innovations in threat intelligence, threat detection, ATP, firewalls and more.
Take a look at 25 of the unveilings from the event this week.
Intel Security introduced multiple updates and integrations to its security solutions in network visibility, data protection, threat management, cloud security and managed security services. The company rolled out integration and technical updates to its Data Exchange Layer, Next Generation Firewall, Email Protection and Enterprise Security Manager offerings, which the company says will help leverage cross-capabilities as well as increase visibility and threat protection capabilities. Intel Security also launched the McAfee Public Cloud Server Security Suite, which extends its security capabilities to the public cloud. Finally the company revealed an integration with Ericsson for joint managed security services.
Barracuda Networks revealed the latest version of its NG Firewall line, designed to simplify setup and management for solution providers and clients. The update includes some education-friendly features, such as safe search enforcement around YouTube and SafeSearch, as well as Wi-Fi policy enforcement. In addition, the company unveiled self-service configuration for users on MacOS, Windows and iOS, as well as a new Firewall Remote iOS application.
"The latest version of Barracuda NG Firewall combines application-aware traffic control and next-generation security features designed to help K-12 school districts meet the security demands of technology-enabled schools," said Klaus Gheri, vice president of Network Security, in a statement. "We are pleased to offer our customers these new enhancements as we continue to deliver on our Total Threat Protection initiative."
At RSA, EMC heralded the availability of Customer Managed Keys, a solution aimed at providing more management control over rights-managed files. The solution allows for the choice between storing rights management keys in the cloud or in Syncplicity data centers.
After President Amit Yoran kicked off Tuesday's show with a keynote address, RSA trumpeted two new solutions. RSA Via, a new line of products, combines authentication, identity, and access management and governance into a single solution designed to protect from the endpoint to the cloud. RSA also revealed that it has extended RSA Security Analytics to the cloud, including features to aggregate logs in the cloud and introduce threat-detection capabilities.
Centrify Privilege Service
On Tuesday, Centrify reported the launch of cloud-based identity management solution Centrify Privilege Service. The multitenant cloud service solution, delivered in a pay-as-you-go model, is designed to address the problem of privileged accounts exiting the corporate perimeter as more companies adopt cloud solutions. Key features include ability to grant cloud-based access to contractors without giving VPN access, central emergency access and secure access to storage and network solutions. The CPS solution adds to the company's Centrify Server Suite offering, which provides privilege management for servers, network devices and Infrastructure-as-a-Service.
Gurucul Cloud Analytics Platform
In advance of the event, Los Angeles-based threat detection company Gurucul unveiled the launch of a Cloud Analytics Platform to help clients protect cloud applications from attacks. Based on the company's Gurucul Predictive Identity Based Behavior Anomaly Engine, the solution uses behavioral analytics and machine learning algorithms to detect both internal and external threats. The company said the solution is immediately available to partners and direct clients.
Cloud Security Alliance
On Monday, the Cloud Security Alliance introduced new guidelines for early adopters of the Internet of Things as well as a Certified Cloud Security Professional certification to provide advanced security skills for cloud environments, in partnership with IC2. The certification is designed to set the standard for design, implementation and management of cloud environments, the group said. The alliance also unveiled an open beta for CSA STAR Watch, a tool to help companies manage security assessments for cloud environments using CCM and CAIQ.
Catbird, a Scotts Valley, Calif.-based company focusing on software-defined security solutions for virtualized environments, rolled out a new solution Monday called Catbird Insight, intended to add more visibility into server traffic. More specifically, the product looks to give visibility into east-west traffic across clouds, networks and applications, a capability it says will help enterprises fight back against horizontal attacks looking to take advantage of a vulnerability in the virtualized infrastructure.
NowSecure Lab Cloud
Mobile security company NowSecure has launched a new cloud solution to add to its mobile app testing suite. The latest version, which is a hardware-free version of the company's NowSecure Lab, is aimed at giving app developers a secure cloud suite to identify risk factors and vulnerabilities in custom and third-party apps. The solution is designed to work automatically to discover security flaws in apps as the code is updated in development, and will soon be expanded to allow for testing of network traffic, login functionality and more, the company said.
Adlink Technology, a Taiwan-based company offering building blocks for edge devices for the Internet of Things, rolled out a dedicated media server, MCS-2040, with built-in media-processing management software specifically geared toward video applications.
"The current landscape includes high-cost, low-performance generic servers that rely purely on software to make them competitive as a media cloud server, or dedicated servers with no built-in software to enable faster development time for video applications," explained Yong Luo, head of Adlink's Embedded Computing Product Segment, in a statement. "The MCS-2040 offers increased performance that mitigates the overall product cost by ~50% and enables upgrade to a new generation of CPU/GPU without changing a single line of source code."
Dispersive Technologies, a software-defined networking company, launched Dispersive SDS at RSA on Monday. The solution provides a software-defined platform for security data at rest by dividing data into blocks and shuffling the blocks' locations based on bandwidth, performance and usage needs. The SDS solution adds to the company's DispersiveStorage and Dispersive Virtualized Networks solutions. The solution will be available to enterprises as a cloud-based solution and partners will be able to offer the solution later this year, the company said.
Lastline Knowledge Base
On Tuesday, Lastline launched the Lastline Knowledge Base, which is designed to help companies gain more insight and extensive historical malware data to protect against and respond to data breaches. The solution adds to the company's Lastline Breach Detection Platform.
’In enterprise security, knowledge is the lifeblood of defense,’ said Brian Laing, vice president of products for Lastline, said in a statement. ’Drawing on decades of research, we’ve built a continuously updated, fully integrated and searchable database of threat intelligence within the Lastline Breach Detection Platform. The Lastline Knowledge Base puts instant malware knowledge specific to each customer organization into the hands of security professionals who can use it to simultaneously defend against current threats while preventing future breaches."
HawkEye G 3.0
Hexis Cyber Solutions rolled out a new update to its HawkEye G integrated cybersecurity platform. The HawkEye G 3.0 update pulls together integrations from leading security vendors, including FireEye, Splunk and Palo Alto Networks, as well as evidence-based threat detection capabilities with ThreatSync. The company said the integrated HawkEye platform is much more effective than point solutions in the face of rising complexity of cyberthreats, using threat intelligence from third-party integrations and its own host-based and network-based detection capabilities.
On Monday, file encryption software company WinMagic launched SecureDoc Cloud, which is designed to encrypt and manage files shared through cloud file sharing services such as Box and Dropbox. The solution, which adds cloud capabilities to the company's SecureDoc offering, takes advantage of WinMagic's endpoint management capabilities to help enterprises manage document security with encryption keys, centralized key management, file-sharing passwords and pre-boot authentication. The solution is now available in beta and a full release is expected in October.
Medford, N.J.-based information security company Watchful Software rolled out an update to its RightsWatch solution on Tuesday at the RSA event. Version 6.6 boosts risk, governance and compliance tools as well as policy management and collaboration with SharePoint. In particular, the release is meant to give IT managers the ability to set GRC policies for any file type, as well as Intelligent Time Access, which automatically updates classification after a specified period of time. The SharePoint update allows IT managers to increase security around SharePoint using automatic classification and rights management tools.
Unveiled the week before the event, GhangorCloud made its first public appearance and became generally available at the RSA event. Built from a collection of long-time security executives, including Tarique Mustafa, the San Jose, Calif.-based company looks to bring a new twist to governance, risk and compliance based on engine and security algorithms to analyze large volumes of data in real time. The company also heralded the general availability of Information Security Enforcer, which includes identity and role authorization, policy enforcement, GRC enforcement and automated data identification and classification.
Netskope Cloud Access Security Broker
On Monday, Netskope said it has rolled out a solution to help enterprises boost security and regulatory compliance around on-premise cloud apps. The unveiling at RSA extends the company's Cloud Access Security Broker to include security coverage for private cloud environments for fully on-premise or hybrid solutions, under the name Netskope Secure Cloud. The solution is aimed at regulatory-heavy industries such as those with PCI and HIPAA requirements. Netskope also reported updates to its flagship cloud offering, Netskope Active Platform, including a risk dashboard, quarantine, legal hold, partner collaboration, file tracking and increased management options.
Fox-IT, a European cybersecurity company focused on threat intelligence, launched the Cyberthreat Management Platform on Monday at the RSA conference. The solution works to provide a single unified platform for an organization's cyberthreat management, threat intelligence, network and endpoint threat detection and SIEM. The solution will be available in the U.S., Europe, the Middle East and Africa as a fully managed, hybrid or standalone solution.
Security Orchestrator 3.0
On Monday, CSG Invotas, an Alexandria, Va.-based security orchestration and automation company, rolled out updates to its Security Orchestrator platform. The latest update bolsters the solution's speed and response to data breaches with a Cyber Playbook, abilities to set Confidence Rules around users and acts, and increased incident lifecycle management capabilities.
’Security operations centers can’t survive without security automation because their limited staff resources are overloaded with more and more events,’ said Paul Nguyen, president, CSG Invotas, in a statement. "To keep up with the volume and speed of today’s threats, we need a new approach, which is where orchestration and automation can bridge the gap."
User Behavior Analytics
On Monday at RSA, Fortscale Security revealed that it has extended its User Behavior Analytics solution to include visibility into user activity in business applications. That shift is intended to enable enterprises to get better visibility into behavior anomalies at the application level, including custom-built applications. The company's solution was recognized by RSA as one of the finalists in the event's prestigious Innovation Sandbox competition, held on Monday.
Easy Solutions Total Fraud Protection
Easy Solutions, a Miami-based threat-detection and threat-prevention company, reported on Monday the general availability of its Total Fraud Protection solution, which it says will provide clients with a single pane of glass view for threat detection and management. In particular, the solution is geared toward anti-fraud purposes for financial companies and enterprises.
AppGate Secure Access
Threat-intelligence and threat-prevention company Cryptozone unveiled on Monday at RSA its new solution for access control, called AppGate Secure Access. The perimeter defense solution works by making the application and server infrastructure invisible to unauthorized resources, the company said. That type of defense is the "next generation" of agile security, Kurt Glazemakers, senior vice president of product strategy, said in a statement about the news. The solution can be used across a variety of network infrastructure, including cloud and hybrid environments, the company said.
Damballa Failsafe 6.0
Advanced threat-detection and containerization company Damballa unveiled a new update to its Failsafe platform on Monday at RSA. The company said the latest update to the ATP tool uses a distributed computing architecture to "future proof" threat detection for clients. The update also adds detection modules, such as a Structured Threat Information Expression module for increased intelligence using community-driven efforts and standardized language.
’Now, with Failsafe 6.0, we are delivering the industry’s most mature advanced threat detection product, based on years of machine learning using the industry’s largest set of unfiltered, unbiased data set. Our unmatched behavioral and content analysis capabilities provide security teams with actionable context so they can immediately take action, including automating their response," Brian Foster, chief technology officer of Damballa, said in a statement.
Email and Web security company AppRiver unveiled an update to its cloud-based Web security offering SecureSurf. The update adds Critical Threat Notification and warning system as well as increased network protection capabilities.
"By combining our own file, message, Web and network threat intelligence with industry data, we are effectively identifying network threats and vulnerabilities in order to minimize the threat attack window, or the amount of time an adversary is in the network before they are discovered," said Joel Smith, AppRiver chief technology officer, in a statement.