Black Hat USA 2024 once again served as a launchpad for several cybersecurity products and services with many notable vendors as well as up-and-coming startups showcasing their innovations at the annual conference, held this week in Las Vegas. The event, alongside the RSA Conference, remains a pivotal moment in the cybersecurity calendar, offering insights into the diverse range of security solutions being developed to address today’s complex threat landscape.
The CSO team has put together a list highlighting the most significant debuts at the show, showcasing tools and technologies that span AI-based cybersecurity, SaaS security, extended detection and response (XDR) software, threat hunting, application security, and SIEM management.
AppOmni: SaaS security offerings
AppOmni, a leader in SaaS security, unveiled new technology advancements to enhance identity and threat detection in enterprise SaaS environments. These include identity-centric analysis with patent-pending log sequencing and user behavior analytics (UEBA), as well as a comprehensive security health dashboard. The Event Maturity Matrix (EMM) now supports Snowflake and Veeva Vault, offering better log gap identification and incident response verification. The new SaaS Security Health Dashboard provides executive insights into SaaS security posture, aiding scalable security program development and reducing SOC alert fatigue. Demonstrations were held at booth #1660, with Joe Sullivan, strategic advisor, underscoring the importance of specialized threat detection for SaaS applications.
Securonix: AI-reinforced SIEM
Securonix introduced two new capabilities within its Securonix EON suite — Cyber Data Fabric and Noise Canceling SIEM. These updates are designed to enhance the company’s Unified Defense SIEM solution, targeted at helping CyberOps teams tackle sophisticated cyberattacks more effectively. Cyber Data Fabric offers modular architecture for intelligent data classification, ensuring relevant data is analyzed, stored, and archived efficiently. This integration improves cost efficiency by up to 30%, according to Securonix. Noise Canceling SIEM leverages AI to reduce alert fatigue by 50%, focusing on critical threats and minimizing false positives. This capability includes automated SOAR playbooks for faster response and reduced incident impacts. Securonix showcased these advancements at booth #2930. Haggai Pollak, chief product officer at Securonix said the offering will play a major role in streamlining security processes and boosting operational efficiency.
Qualys: Patch-less remediation
Qualys has announced TruRisk Eliminate, a new remediation solution designed to enhance risk reduction beyond traditional patching methods. Unveiled at Black Hat 2024, TruRisk Eliminate offers patchless approaches including targeted isolation and advanced mitigation strategies to address vulnerabilities when patching is impractical. The solution is designed to address the challenges of unpatched vulnerabilities, which can lead to significant security risks including ransomware attacks and data breaches. Key features include TruRisk Mitigate for deploying risk mitigation controls and TruRisk Isolate for quarantining risky assets. It integrates seamlessly with IT operations tools like ServiceNow and JIRA and automates complex risk remediation tasks via Qualys Qflow. TruRisk Eliminate will be available in September, with demonstrations at Black Hat USA 2024, booth #1320.
Flashpoint: Echosec and Ignite upgrade
Flashpoint unveiled updates to its flagship platform, Flashpoint Ignite, in addition to a new location intelligence solution, Echosec, at Black Hat USA 2024. Flashpoint Ignite now offers Investigations Management for customizable threat analysis workflows and Intelligence Requirements Mapping for automated alignment with Priority Intelligence Requirements. Echosec introduces Location Protection for real-time monitoring and alerting of threats to physical assets. These enhancements are designed to provide actionable intelligence, streamline threat management, and safeguard critical assets. Flashpoint presented these offerings at Booth #3041.
Cybersixgill: Personalized cybersecurity threat intelligence
Cybersixgill has introduced Pulse, a platform for delivering personalized cybersecurity threat intelligence. Pulse offers a dynamic, tailored cybersecurity threat intelligence (CTI) stream by leveraging AI to curate and personalize content based on individual user profiles, interests, and geographic relevance. This innovation aims to mimic the personalized content delivery of modern streaming services, ensuring security professionals receive the most pertinent intelligence to stay ahead of threats. The platform aggregates data from diverse sources, including the deep and dark web, OSINT, and cybersecurity news, providing users with actionable insights through a customizable dashboard. Cybersixgill Pulse, available as part of the Investigative Portal and as an API, supports MSSPs and software providers in creating new revenue streams by integrating personalized CTI content into their applications.