The hottest cybersecurity products at RSA 2018
18 April 2018
Visitors to RSA, the world’s largest security conference held in San Francisco in April, can hear about the latest strategies for fighting cyberattacks. They can also check out the exhibition areas, where they can see the latest hardware and software to protect their valuable corporate assets. Here’s a quick run-down of some of the new products announced at the conference or shown there for the first time.
Cybersecurity Asset Management Platform
Key features: Gives you a comprehensive view of all devices on your network using an extensible plugin system to gather data from the security and management tools you already have, including identity and authentication systems, NAC, firewalls, vulnerability scanners, switches, SIEM, EDR, and more.
Key features: beSOURCE is a static application security testing tool that aims to educate developers about the problems it finds. It’s built on a compiler-free inspection engine and works with several programming languages. The first release is a stand-alone tool for individual developers; future versions will support enterprise and cloud deployments.
Key features: HaXM is an advanced persistent threat (APT) simulation platform that automatically attacks your network and then reports on how any vulnerabilities discovered can be remediated. It can be run on premises or from the cloud.
Key features: SIEMonster’s Redback security monitoring appliance will keep tabs on the internet of things in your home or small office, sending alerts of hacking attempts or available firmware updates to your smartphone. Redback will run Cog Systems’ D4 Secure platform to encrypt storage, harden the OS and secure its VPN link to the SIEMonster cloud.
Kenna Application Risk Module
Key features: The Kenna Application Risk Module combines information from static and dynamic application security tests, bug bounties and exploit intelligence to score risks by application and by vulnerability. Part of the Kenna Security Platform.
Key features: Aella Data reckons its Starlight pervasive breach detection system can detect a breach within minutes, rather than days. Its network telemetry captures information from layers 4 through 7, allowing it to identify session duration and the applications used.
Key features: This agentless software suite provides remote-access capabilities for global defensive network operations and live threat analysis. Version 2.0 improves scalability and performance, and adds a new dashboard with customisable analytics, and a new API for integration with existing endpoint monitoring and SIEM (security information and event management) products.
Secdo Alert Correlation
Key features: The causality analysis tool collects streams of data from all corporate endpoints, analysing them in real time to highlight how threats enter the network. If several streams match threat patterns, the system presents them in order of danger. Alert correlation is part of Secdo’s endpoint security and incident response platform.
FireMon Global Policy Controller
Key features: Enforces global policy by automatically performing compliance checks before applications or assets are pushed onto the network. Can translate business intent into specific security rules, offering self-service security to DevOps and other application owners. Allows fine segmentation of policies and adapts to network changes.
Key features: CounterACT is an agentless device visibility platform. It can auto-classify enterprise devices based on crowd-sourced information on over 3 million different device types. Version 8 of CounterACT now supports up to 2 million devices in a single enterprise manager.
Key features: Fidelis Elevate has been upgraded. Its deception module now extends to the cloud, using active decoys that mimic critical assets to lure attackers away from real assets. On the network, its retroactive detection of newly found indicators of compromise has been augmented with a sandbox analysis report of the object found. The endpoint module now presents analysts with event details on a timeline to provide context.
OTX Endpoint Threat Hunter
Key features: This threat-scanning service is available free to any registered user of Open Threat Exchange. Based on over 19 million indicators of compromise contributed to the exchange by its 80,000 participants, it allows security staff to hunt for threats on critical servers without recourse to other products. The AlienVault agent runs on Windows and Linux hosts and endpoint devices.
Arxan Threat Analytics
Key features: This threat alerting service, available to Arxan Application Protection customers, allows apps to phone home to report their status. Knowing when their apps are under attack, or running in a risky environment such as on a jailbroken device, allows businesses to take appropriate countermeasures. Arxan compiles the threat data anonymously to provide customers with details of attack trends.
Key features: A reference architecture for deploying a secure data lake, SecureData@Optiv can be used to run analytics for security functions including situational awareness dashboards, incident detection and response, vulnerability scanning, compliance and e-discovery. It is built on open source and big data platforms including Elastic, Splunk, Phantom Cyber and Streamsets.
Key features: Meta NaaS provides a worldwide virtual overlay network with a global backbone, routing and securing traffic inside a software-defined perimeter according to identity-based policies. Auditing and analytics tools support anomaly detection and compliance.
CrowdStrike Real Time Response
Key features: A new feature added to Falcon Insight, Real Time Response is designed to help customers contain compromised systems remotely so they can investigate and eradicate threats.
SonicWall Capture Cloud Platform
Key features: SonicWall Capture Client now features advanced endpoint security and rollback capabilities. Other elements of the Capture cloud platform have been enhanced: Capture Security Center now offers customer-specific visibility and device management, while Capture ATP customers benefit from protection from memory-based attacks thanks to deep memory inspection capabilities.
IDG News Service