10-Plus Hot New Security Solutions From Big-Name Vendors At RSA 2016

Red-Hot Products, Red-Hot Market

Some of the biggest names in technology were using the RSA Conference in San Francisco this week to introduce their latest and greatest in security. Among the vendors at the event were Dell SonicWall, Kaspersky Lab, Check Point Software Technologies, FireEye, Hewlett-Packard Enterprise and Microsoft. With hot new startups vying for attention at the RSA Conference, these launches show that the big-name vendors are very much still in the game too -- rolling out new offerings around advanced threats, analytics, firewalls and security management capabilities. Here are 10 companies that shook things up at RSA (plus a bonus).

Dell SonicWall

Dell SonicWall made its first foray into advanced threat protection, launching the Dell SonicWall Capture Advanced Threat Protection Service Monday. The offering provides an additional layer of protection against zero-day and advanced threats for its largely SMB customer base and is available as a subscription service on top of the Dell SonicWall appliance. Capture offers a new take on APT protection, lacing together three sandboxing engines to deliver a multi-layered defense approach. Capture includes sandboxes from SonicWall itself, Lastline and VMRay. It also includes remediation features.

Kaspersky Lab

Kaspersky Lab made a number of moves Tuesday to help customers shift from protection technologies to detection and response. The Kaspersky Anti-Targeted Attack Platform provides actionable intelligence on existing threats in the network by collecting data from network, Web, email and endpoint sensors and feeding it into an advanced sandbox for detection, and a Targeted Attack Analyzer now assesses and combines threat verdicts. Kaspersky also released a line of Security Intelligence Services that includes security assessment services, cybersecurity training and threat intelligence. The security-as-a-service products are aimed at large organizations, government agencies, ISPs, telecoms and MSSPs.

Check Point Software Technologies

Check Point is re-imagining the way customers and partners interact with the company's technologies, unveiling Tuesday a next-generation security management platform called Check Point R80. The new security management platform brings the entire Check Point database and appliance ecosystem under a single management console, through which partners and customers can manage their entire IT infrastructure, security policies and other Check Point technologies. In addition to a single management console, the new R80 platform adds unified policy management and integrated threat management capabilities.


FireEye

FireEye drilled down on the critical infrastructure market at RSA. Its first launch was a new Mandiant service, called Mandiant ICS HealthCheck, to help organizations assess their industrial control systems for security risk. Tools include a threat model diagram, an ICS HealthCheck report and technical and strategic recommendations to improve systems. FireEye also unveiled a partnership with Belden, which provides end-to-end transmission solutions for mission-critical applications. Under that partnership, the two companies will provide integrated industrial control network security solutions, with Belden bringing a portfolio of critical infrastructure networking solutions and FireEye bringing advanced detection, threat intelligence and Mandiant ICS services.


IBM

IBM made news at the RSA show with its plan to purchase leading incident response company Resilient Systems. The move confirms earlier reports that IBM was in talks to buy the Cambridge, Mass.-based company. In a statement, IBM Security General Manager Marc van Zadelhoff said Resilient will add key incident response capabilities to the IBM portfolio as the company looks to invest heavily in growing its security portfolio.

"IBM is the world's fastest-growing enterprise security company, and we lead the industry in the detection and prevention of cyberattacks. … We are doubling down on the incident response market," van Zadelhoff said.

Hewlett-Packard Enterprise

Hewlett-Packard Enterprise continued to expand its security portfolio, launching the HPE Cyber Reference Architecture Tuesday. The offering is a framework to help companies use technologies from HPE ArcSight and HPE Threat Defense Services to build a layered security approach around detection and response. The framework acts as a blueprint for a company's security architecture build-out, with more than 350 security capabilities to choose from.

The company also added security alerting, security investigation and response, and threat intelligence and analytics capabilities to its Threat Defense Services offering.

Barracuda Networks

Barracuda Networks Wednesday said it had expanded its next-generation firewall line with the addition of the Barracuda NextGen Firewall S-Series. Part of the S-Series, the Barracuda NextGen Firewall SC1 appliance is aimed at highly distributed and hybrid networks, offering firewalling, Wi-Fi and full VPN connectivity under a centrally managed solution. The S-Series also includes the Barracuda NextGen SAC, which is a virtual gateway for public and private cloud environments that helps optimize traffic and apply security functionality to SC1 appliances.


CyberArk

CyberArk, which focuses on the privileged account management market, expanded its offerings Tuesday with the launch of CyberArk Privileged Threat Analytics v3.0. The new solution is geared specifically to secure Microsoft Active Directory infrastructure, providing targeted analytics and network traffic analysis for real-time threat detection, as well as containment capabilities for response. CyberArk said the new solution is critical, as Active Directory is a tantalizing target for attackers because it controls access to domains, domain administrator accounts, critical servers and workstations.


Microsoft

Microsoft rolled out a series of enhancements to its security portfolio in advance of the RSA Conference, including the general availability of Microsoft Cloud App Security (from its acquisition of Adallom) coming in April, Customer Lockbox for SharePoint Online and OneDrive for Business, more security management and reporting options in Azure Security Center and a new Power BI Dashboard for managing security alerts. The company also unveiled Azure Active Directory Identity Protection, Azure Security Center Advanced Threat Detection and a new threat visualization in the Operations Management Suite. In a blog post, CISO Bret Arsenault said Microsoft is working to stay "one step ahead of the threats," investing in real-time and predictive analytics capabilities, threat intelligence, and building partnerships across the industry for better security.


Gigamon

Gigamon Monday unveiled its Metadata Engine, a launch it says will enhance the security analytics capabilities of its GigaSecure Security Delivery Platform. Gigamon said the solution will "super charge" SIEM with better data and analytics around network metadata, including URL/URI information, SIP request information, HTTP response codes, DNS queries, DHCP queries, certification information and custom data.

"We want to enable our customers to drastically improve their security posture by taking advantage of the latest trends in security analytics," Shehzad Merchant, CTO of Gigamon, said in a statement about the launch. "By enabling both context and packet-based security analytics, Gigamon’s customers benefit by improving their ability to uncover intruder threats faster."

Resilient Systems

IBM this week said it plans to acquire this stalwart in the enterprise incident response market (see next slide). Prior to the announcement, Resilient Systems said it was moving into the midmarket with the launch of Resilient Commercial Incident Response. The company's enterprise offering has been renamed Resilient Enterprise IRP. Features of the new platform include response action plans, incident tracking, orchestration, collaboration, integration, incident simulation and reporting. The solution will launch at about half the price of the company's enterprise offering, CEO John Bruce told CRN, and will look to help customers and partners address growing cyberthreats aimed at midmarket companies.