RSA Outseer, Elisity Zero Trust, Contrast Scan, & SOAR Soup – ESW #231

Axonius is prepping for an IPO! NYSE or NASDAQ? What does JuniperOne think? Discuss.

Interactive labs as a service for training! Also hiring assistance (practical testing).

Recorded Future is now an investor! It's hoping to fund some early-stage startups focused on using AI to create valuable intelligence that RF could plug into its own platform in the future.

The first big news to come out of RSA since it was acquired by STG, they're spinning out some of their products & services as a rebranded subsidiary! RSA Adaptive Authentication becomes Outseer Fraud Manager, RSA Adaptive Authentication for eCommerce becomes Outseer 3-D Secure, and RSA FraudAction becomes Outseer FraudAction.

"Deloitte announced its acquisition of substantially all the assets of CloudQuest, Inc. (CloudQuest), a cloud security posture management (CSPM) provider based in Cupertino, Calif. The deal will bolster Deloitte’s existing cloud cybersecurity offerings with CloudQuest’s cloud-native security capabilities to more seamlessly manage security workflows, reduce risk and improve data security."

They are taking on a lot of functionality: "1) WEB APP PROTECTION - Application and attack profiling combined with IP fingerprinting are continuously correlated to identify, track and block threat actors. 2) NATIVE API PROTECTION- API-native and has robust features to address API-centric attacks such as support for WebSockets, detection of host enumeration, and customer rules to identify expensive application calls. 3) BOT MANAGEMENT - To block or not to block. That is the question and the answer. Know when to let the good Bots in and keep the bad Bots out. 4) DDOS MITIGATION - Based on attacker profiling, detect and neutralize layer 7 attacks, OWASP Top 10, bots, DDoS, and zero-day threats with high precision"

Sounds like Edgewise (who was acquired by ZScaler): "It combines the paradigm of zero trust access, meaning no user is trusted by default from inside or outside the network, and a software-defined perimeter to authorize users, devices, and apps based on policies before they can communicate with critical resources. Access is monitored by AI algorithms that track, monitor, and analyze flows and user behavior to make recommendations and discover all of an organization’s assets to build an encrypted mesh overlay between a cloud services panel and network probes."

How is this different or better than the other SASTs on the market alread? "Contrast Security announced the release of Contrast Scan that revolutionizes static application security testing (SAST) with pipeline-native static analysis to analyze code and detect vulnerabilities early on in the software development life cycle (SDLC). The release of Contrast Scan extends the DevSecOps capabilities of the Contrast Application Security Platform to the entire SDLC, empowering security teams to run scans up to 10x faster and remediate vulnerabilities up to 45x faster while meeting compliance requirements of an organization's security policy."

"today unveils Sonatype Lift (Lift), a first-of-its-kind, cloud-native, deep code analysis platform. Lift installs easily on any source repository in minutes and provides developer-friendly feedback on a wide range of bug types, ranging from lightweight style issues to complex coding errors commonly found in first-party source code and third-party open source libraries."

Curious how it does all this, through logs and events, packet monitoring, both? Clearly not via an agent: "1) Reduce risk of cloud services being exploited with agentless runtime monitoring of applications, users, roles, serverless compute, and storage that allows for rapid and scalable deployment of applications. 2) Rapidly detect threats against your systems and data on AWS using one of the first behavioral AI that detects and prioritizes threats without relying on signatures, agents, or static policy while protecting against attacks looking to exploit misconfigured services. 3) Automate response to attacks on applications running on AWS using native capabilities in AWS, or deep integrations with other security solutions allowing teams to mitigate threats without relying on agents."

"But as SOAR use cases evolve to real-world situations and industry analysts adjust their definition of the market, it's becoming increasingly clear that SOAR is less of a singular platform and more of a comprehensive architecture for tying a lot of threads in the security stack together in a meaningful fashion, including threat intelligence platform (TIP) capabilities." - So SOAR is more about how you make the soup than the ingredients?

Buzzword winner of the week: "As the COVID-19 pandemic forced enterprises to transition to the new ‘work from anywhere’ environment, cloud became a natural progression for organizations looking to enable their remote workers quickly. As more organizations are still migrating to the cloud in parallel to undergoing the “shift-left” organizational change, security teams find themselves with multiple platforms to manage. These platforms provide neither the visibility nor the ability to protect the rapidly growing cloud workload deployments."

"hales today announced that its CipherTrust Manager and SafeNet Trusted Access have been integrated with Google Workspace Client-side encryption (beta coming soon), a new privacy and confidentiality offering for Google Workspace users. Providing enhanced key management capabilities and identity protection, customers can benefit from improved regulatory compliance and data ownership by allowing them to maintain ownership of keys used to encrypt Google Workspace documents."

"Forcepoint, a global leader in data-first cybersecurity solutions that protect critical information and networks for thousands of customers throughout the world, today announced the company has signed a definitive agreement to acquire U.K. based Deep Secure. Deep Secure’s cybersecurity products and services protect organizations from cyberattacks delivered via malware and help prevent unwanted data loss."

"With Auth0 WebAuthn Passwordless, users can authenticate with Web Authentication-powered (WebAuthn) biometrics, the official web standard for passwordless authentication as published by W3C and used by FIDO, for first-factor authentication. This form of authentication eliminates security weaknesses based on password reuse, since passwords are not required. Additionally, Auth0 WebAuthn Passwordless is an ideal option for companies looking to build and provide an authentication experience supporting conversion and retention of users who want more choice and less friction in their login experience."