Application vulnerabilities, phishing on mobile devices, and passwordless authentication -- these are only a few of the security challenges that vendors addressed at RSA Conference 2022. Dozens of vendors introduced new products and services, which ranged from broad security management platforms to more targeted tools.
Several major product moves focused on improving the security postures of organizations. SolarWinds, for example, introduced Hybrid Cloud Observability. The service provides a unified view of distributed and hybrid network environments, with the goal of expediting problem resolution and enabling proactive management.
Other vendors that tackled cybersecurity on broad terms included the following:
Cisco revealed plans for Cisco Security Cloud, an open security platform that delivers unified management of threat prevention, detection and response, and remediation capabilities. Cisco also introduced Cisco+ Secure Connect Now, a secure access service edge offering. In addition, Cisco said it will upgrade many of its products by adding less intrusive methods for risk-based authentication, incorporating the concept of continuous trusted access, integrating Talos Intel On-Demand service for custom threat intelligence, and using session trust analysis standards to share information between vendors.
VMware showcased Contexa, a cloud-based technology that curates and analyzes threat intelligence data. Contexa’s threat intelligence uses machine learning and insights from VMware’s Threat Analysis Unit and incident response partners. It currently uncovers more than 2.2 billion suspicious behaviors daily, VMware said. The vendor will integrate Contexa with all its security products.
Armis debuted Armis Asset Vulnerability Management (AVM), a product for risk-based vulnerability management. AVM offers visibility into managed and unmanaged assets and vulnerabilities in an environment, Armis said. The product also features security automation and orchestration to reduce mean time to remediation.
Security analytics player Gurucul released the Gurucul Security Analytics and Operations Platform. The cloud-native, modular platform consolidates core security operations center technologies with identity threat detection and response. The platform combines several of Gurucul’s technologies, including security information and event management; extended detection and response (XDR); user and entity behavior analytics; network traffic analysis; security operations and automation response; and identity access analytics.
RSA Conference 2022 also featured new products that address specific areas of security. Here’s a look.
Clumio rolled out SecureVault Lite, a data protection offering for AWS EC2 and EBS. SecureVault Light is a less expensive version of the company’s SecureVault product. The Lite version stores backups outside of customers’ AWS accounts, separated from the production environment. The customer data is kept on immutable storage; encrypted at rest and in flight; and provides multifactor authentication with single sign-on integration, access controls for assets and roles, and no delete button, Clumio said.
SecureAuth launched Arculix, a passwordless authentication and identity orchestration platform. The platform authenticates users’ claimed identities via automated, risk-based behavioral models driven by AI and machine learning, the vendor said. The SaaS-based offering works across applications and devices, continuously informing end users of risks after mobile login based on device and browser fingerprint analysis.
Supporting its renewed focus on identity, RSA announced ID Plus, a new SaaS-based identity and access management platform for securing cloud-based applications, systems, and users. RSA also announced DS100, a passwordless, cloud-enabled hardware authenticator that combines FIDO protocols with one-time passwords. DS100 works both plugged and unplugged, the vendor said.
BlackBerry revealed CylanceGateway, a zero-trust network access service. CylanceGateway uses AI-driven security to correlate network and device telemetry. Combined with continuous authentication, the service limits access to trusted, authenticated, and known users and devices, BlackBerry said.
The Rest of the Best
The following vendors also released new offerings at RSA Conference 2022.
Fortinet came out with FortiRecon, a digital risk protection service that provides external attack surface monitoring and the ability to identify risks to customers. The vendor said FortiRecon uses adversary-centric intelligence, which relies on FortiGuard Labs to assess threat risks and monitor public and private forums, open source, and the dark web.
Optiv unveiled Cyber Recovery Solution (CRS), a new service that provides strategic and tactical guidance for cyber resiliency. CRS identifies and prioritizes the protection of key assets through automated workflows that back up critical data, systems, and applications, Optiv said. CRS also supports the implementation of a vaulted, data-isolated, air-gapped backup technology that reduces the risk of data loss.
Turbine, a new platform from Swimlane, aims to improve low-code security automation by ingesting, pre-processing, enriching, and acting on petabytes of data at machine speed. Turbine is similar to XDR but responds to threats immediately instead of after detection, data aggregation, and manual response processes, the company said. The platform uses an active sensing fabric with flexible webhooks and remote agents. It connects to hybrid and multi-cloud environments.
More news from RSA Conference 2022: