Black Hat USA 2023 served as launchpad for a number of cybersecurity services and products, with many notable distributors in addition to up-and-coming startups showcasing their improvements on the annual convention, held this week in Las Vegas.
The CSO workforce has put collectively an inventory highlighting probably the most important debuts on the present — which, together with the RSA Convention, is one the premier world cybersecurity occasions. This abstract of prime safety expertise illustrates the range of safety merchandise on the present, together with generative-AI primarily based cybersecurity instruments, prolonged detection and response (XDR) software program, menace searching and Safety Operations Heart (SOC) automation, utility safety merchandise, and vulnerability administration packages.
Cycode: Prolonged ASPM, IDE plugin
Cycode, an utility safety posture administration (ASPM) system, has expanded its hard-coded secrets and techniques detection capabilities to embody help for Confluence, AWS S3 buckets, and Azure environments, in addition to a brand new IDE plugin for integration with VS Code. The plugin helps builders detect in addition to remediate hard-coded secrets and techniques from inside one system. Moreover, a brand new Cycode-Azure collaboration permits Cycode Cimon — a free CI monitoring answer designed to safe CI/CD pipelines — to function with Azure DevOps pipelines to allow SLSA (Provide Chain Ranges for Software program Artifacts) attestation technology. All new capabilities can be accessible instantly after Cycode’s showcases them from sales space #1875 on the occasion. Cycode didn’t instantly disclose pricing for the brand new capabilities.
Netrise: New SBOM options and KEV help
NetRise has added ingestion help for 2 main software program invoice of supplies (SBOM) codecs, SPDX and CycloneDX, to its namesake prolonged web of issues (XIoT) safety platform. The options permit customers to export information in both format and is designed to complement SBOMs with vulnerability info. Overlaying CISA’s key exploited vulnerabilities (KEV) catalog information on the data gathered within the platform might help to simplify figuring out, addressing, and prioritizing recognized exploits, in accordance with the corporate. The brand new options are included within the present pricing mannequin for no extra costs and can be accessible from August 9. The corporate showcased the options at sales space #SC118.
ThreatConnect: Intelligence requirement capabilities
ThreatConnect has enhanced its machine-learning powered TI Ops Platform for menace intelligence operations with new intelligence requirement capabilities. The brand new characteristic is aimed toward serving to prospects outline, handle, and monitor their intelligence necessities (IRs), precedence intelligence necessities (PIRs) and requests for info (RFIs), and clear up the issue of menace intelligence being produced ad-hoc and siloed with out enter from stakeholders. It’s designed to offer safety professionals the flexibility to create optimally outlined necessities and use them to establish related intelligence inside the buyer’s personal menace library and ThreatConnect’s world intelligence system. The potential is included inside the present pricing mannequin and is offered to present and new prospects from August 7. ThreatConnect demonstrated the potential from sales space #2940 at Black Hat.
Ironscales: Phishing Simulation Testing, ADE
GPT-powered phishing simulation testing (PST), now in beta launch, is designed to assist employers generate extremely customized spear-phishing simulation campaigns to fight hard-to-detect, superior phishing assaults. Phishing simulation messages are crafted using PhishLLM, Ironscales’ proprietary LLM educated on Ironscales’ neighborhood information, which is a part of the Ironscales multimodule platform. Moreover, unintentional information publicity (ADE) is being rolled out as Ironscales’ new functionality for alerting workers once they ship probably delicate info. Ironscales showcased the brand new capabilities in sales space #2810D and has made them accessible underneath beta to restricted customers till common availability deliberate for later this yr. Pricing for the capabilities is to be determined primarily based on the suggestions from the beta launch.