Hundreds of companies and organizations showcased their cybersecurity products and services last week at the 2024 edition of the Black Hat conference in Las Vegas.
To help cut through the clutter, the SecurityWeek team is publishing a digest summarizing some of the announcements made by vendors at Black Hat USA 2024, including new products and services, updates to existing offerings, reports, and other initiatives.
Claroty releases free ICS analysis tools
Claroty has released two free tools designed to enable users to extract forensics from Unitronics PLC/HMI devices, which have been targeted by threat actors in attacks aimed at the water sector. The tools were developed following a detailed analysis conducted by Claroty.
AI research firm Anthropic announces bug bounty initiative
AI research company Anthropic has announced a new bug bounty initiative in collaboration with HackerOne. Through this program, participants will be given early access to new AI safety mitigation systems and offered up to $15,000 for novel, universal jailbreak attacks that could expose vulnerabilities in critical, high-risk domains, such as chemical, biological, radiological, nuclear and cybersecurity.
Sysdig launches Cloud Identity Insights
Cloud security firm Sysdig has announced the launch of Cloud Identity Insights, an expansion of its cloud detection and response (CDR) capabilities designed to correlate identity behavior with workload activity and cloud resources. Cloud Identity Insights can quickly detect compromised identities and helps contain them.
Cymulate launches AI Copilot
Cymulate announced the launch of the Cymulate AI Copilot, a generative AI solution designed to deploy, test and tune security controls to evaluate their effectiveness against real-time threats. The solution offers a dynamic attack planner to provide greater insights into cybersecurity control gaps and essential migrations.
Vectra AI expands platform to help teams combat hybrid attacks
XDR firm Vectra AI has unveiled an expansion of its AI-driven platform that equips SOC teams with active posture to proactively discover and pinpoint where their hybrid environment is exposed to attackers.
Menlo Security unveils enhancements to Zero Trust Access solution
Browser security firm Menlo Security has announced enhancements to its Zero Trust Access solution. The company has also released new findings as a follow up to its recent Global Cyber Gangs Threat Report, revealing new evasive threat tactics targeting the browser.
Entro extends Non-Human Identity and Secrets Management platform
Entro Security has extended its Non-Human Identity (NHI) and Secrets Management platform with two new features: Optical Character Recognition (OCR) support for secret scanning and Employees Tokens Blast Radius. The OCR feature enables organizations to discover exposed NHIs and secrets embedded in images, and the Employees Tokens Blast Radius feature allows security teams to review and comprehend the NHIs accessible to each employee.
Legit Security launches AI Security Command Center
Application security posture management (ASPM) firm Legit Security has announced the launch of an AI Security Command Center, which is a dedicated AI security dashboard that provides security teams with a unified console to efficiently and proactively gain visibility into AI used in development and defend against cyberattacks exploiting AI-based applications.
Beyond Identity launches new identity assurance plugin for Zoom
IAM firm Beyond Identity has released RealityCheck, an identity assurance plugin for Zoom that is designed to protect organizations from AI deception, such as impersonation attacks and deepfakes, by certifying the authenticity of call participants using the highest level of authentication assurance: Authenticator Assurance Level 3 (AAL3) combined with device security verification.
RAD Security launches AI-powered incident investigation capability for behavioral detection & response
RAD Security has unveiled an AI-powered incident investigation capability for behavioral detection and response. The company has combined AI-powered incident investigation with behavioral, signatureless detections, to reduce false positives and provide relief for overburdened security teams.
Contrast Security introduces Application Detection and Response (ADR)
Runtime security firm Contrast Security has introduced Application Detection and Response (ADR) to empower security teams to identify vulnerabilities, detect threats, and stop attacks that target custom applications and APIs.
HPE Aruba Networking strengthens cyber defenses with new AI-powered network detection and response
HPE Aruba Networking has introduced behavioral analytics-based network detection and response capabilities and enhanced its cloud-based universal Zero Trust Network Access approach by extending its reach to campus-based local area networks.
Darktrace Half-Year Threat Report 2024
Darktrace has publihsed its First 6: Half-Year Threat Report 2024, which shows that malware- and ransomware-as-a-service continue to dominate the threat landscape. The report also shows that email phishing remains a top threat, and that edge infrastructure compromise and exploitation of critical vulnerabilities are top concerns.
Outdated software and exploitable vulnerabilities found in popular OT/IoT firmware images
An analysis conducted by Forescout Technologies showed that firmware images for popular OT and IoT routers contain outdated software and exploitable n-day vulnerabilities, leaving many organizations at risk.
Censys launches community forum
Internet intelligence platform Censys has announced the launch of the Censys Community Forum, a moderated, online platform where security professionals can discuss topics focused on threat hunting, attack surface management, and more. The forum provides over 70,000 members with free resources and data-driven security solutions through a centralized, accessible platform.
