Life is buzzing in San Francisco and the RSA conference is in full swing! RSA is an annual data security conference that’s big news for IT and security folks. We gave you the inside scoop on Microsoft’s top RSA announcements at this year’s conference. Now let’s see what other tech companies have to present to the market. Here are some of the overall top announcements at RSA 2020, aside from Microsoft’s.
Top Announcements From Google
- reCAPTCHA Enterprise. The reCAPTCHA technology is that “I’m not a robot” box we find on certain websites where hosts want to verify that we are legitimate humans requesting interactive access. Google is announcing a “new wave of defense capabilities” for reCAPTCHA, and its general availability now allows more website admins to increase their protection from malicious bots.
- Web Risk API. Google is constantly investigating and recording unsafe websites. Web Risk API allows web applications to check URLs against Google’s list of these sites. This security product is also now generally available.
- New scanning capabilities in Gmail. This technology is still under development and is currently only scanning Office documents, but it has made a 150% improvement in detection rate of malicious email documents.
- Chronicle security improvements. It was last year at RSA 2019 that Google announced Chronicle, a security analytics platform designed to help businesses investigate threats efficiently and affordably. Now, at RSA 2020, Google is announcing two additions to Chronicle. One is enhanced data modeling that allows the platform to link multiple security events into a single timeline. The other is improved threat detection using a new language, YARA-L. Google says YARA is a language that was built specifically for today’s behaviors and threats. (The L stands for logging of information.) Google is proud to announce that YARA-L provides “massively scalable, real-time and retroactive rule execution.”
(As a further note on Chronicle, though, its original creators appeared quite disappointed with its capabilities within Google Cloud at the end of last year. It may be that YARA-L has improved things, but we at Infused Innovations personally recommend a security product with a stronger reputation and over a billion dollars a year of research behind it. If you’re looking for scalable threat intelligence and security analytics, Microsoft’s Azure Sentinal is generally available and you can try a free proof-of-concept here.)
New FIDO2 Hardware
eWBM, a company that provides modules and microcontroller units (MCUs) for the FIDO2 Goldengate Series, is announcing a new biometric key to support Microsoft Azure Active Directory (Azure AD). It’s called G320 and it is USB configured. Its simplicity allows more people to use it–once it’s registered, the user simply plugs it into a USB port and signs into an account with a fingerprint. Powered by eWBM’s MS500 microprocessor, it has a strong fingerprint recognition algorithm and robust security features. This is a big step toward the enhanced security of biometric, passwordless authentication.
Other top announcements at RSA 2020
- Cisco announces SecureX, which is a cloud-native security platform that unifies existing security products and improves visibility and workflow. It also enables better collaboration between SecOps, IT and NetOps teams.
- CyberArk brings enhancements to its Endpoint Privilege Manager. This allows privileged users to deceive attackers with fake admin accounts and quickly shut down any attacks in progress.
- GreatHorn unveils its Account Takeover Protection, a biometric tool which looks at the user’s typing patterns and employs machine learning to identify compromised accounts when patterns stray from the norm.
- F5 Networks announces new application security solutions. Among these are Aspen Mesh Secure Ingress, which helps secure traffic entering Kubernetes clusters, and Behavioral App Protect, a cloud solution that detects malicious app behavior in real time.
- Palo Alto Networks introduces Cortex XSOAR. This security orchestration, automation and response (SOAR) platform evolved out of the Demisto platform that Palo Alto Networks acquired last year. It combines threat intelligence management with SOAR capabilities, allowing for hundreds of automated orchestrations.
- CrowdStrike announces Endpoint Recovery Services and new features on the Falcon platform. Endpoint Recovery Services accelerates business operations in recovery after an intrusion. It’s powered by the Falcon platform, which also now has other new features. These include a new Developer Portal for partners and developers, as well as the Spotlight App for Security Operations which delivers real-time vulnerability data from Falcon Spotlight into their ServiceNow Vulnerability Response.
- FireEye makes its Mandiant Threat Intelligence Suite available. These bundled offerings come in incremental tiers, which simplifies the process for organizations in selecting their best option for intel-led security.
- Fortinet announces FortiAI, a new on-premises appliance which uses self-learning Deep Neural Networks (DNN). These capabilities lead to quick threat remediation and reduce time-consuming manual tasks for security analysts.
- VMware launches the VMware Advanced Security for Cloud Foundation, which enables customers to replace their legacy security solutions with cloud-based ones. One of the technologies this includes is Carbon Black Cloud, which is now enhanced by elements like new malware prevention capabilities for Linux devices, and integration with Microsoft Windows Anti-Malware Scanning Interface (AMSI).
- Proofpoint announces improvements to its Cloud App Security Broker (CASB) solution. These include automated malicious app detection and remediation, broadened suspicious file activity detection for Office 365, improved real-time data loss prevention, and increased shadow IT visibility. Proofpoint also announces new solutions to protect organizations against BEC and EAC attacks.
- Intel introduces new security capabilities related to its Compute Lifecycle Assurance, which is a supply chain transparency initiative. These new capabilities are application isolation, full memory encryption, VM and container isolation, and Intel platform firmware resilience.
- SentinelOne makes its Cloud Workload Protection (CWPP) generally available, and demonstrates its Singularity Platform. This is what SentinelOne calls “an industry-first data lake that seamlessly fuses together the data, access, control and integration planes of EPP, EDR, IoT and CWPP (Cloud Workload Protection) into a singular platform.”
Closing thoughts on the top announcements at RSA 2020
What a flurry of new security and technology announcements! As always, feel free to contact us for more detailed information on security products or to start trying solutions out for free.