Cisco, Google, Microsoft and other industry heavyweights led a chorus of recent announcements from security players large and small as the RSA Conference continues in San Francisco.
Here’s a look at what’s new:
Cisco SecureX is a cloud-native platform that seeks to reduce complexity by integrating the company’s security portfolio into one comprehensive offering. Cisco said it:
- Unifies visibility across customers’ security portfolio in one simple, easy-to-use cloud-native platform, including detection of unknown threats and policy violations via security analytics for more informed actions
- Automates common security workflows, including threat investigation and remediation, for more efficient and precise operations
- Delivers a new managed threat hunting capability that brings the strength of threat intelligence from Cisco Talos
Furthermore, its capabilities are said to include:
- Unifying visibility across all parts of the customers’ security portfolio, Cisco or third-party solutions
- Providing customers and partners business value in under 15 minutes, through a fully cloud-native and multi-tenant solution
- Analyzing events and data across the enterprise, including more than 150 million endpoints, network traffic from switches and routers (including encrypted traffic), Google, AWS and Azure, and private data center environments
- Identifying within minutes who and what has been targeted, enabling remediation using data enrichment across security products and threat intelligence feeds
- Bringing the power of Cisco Talos threat analysts into the customer’s SOC to hunt for the latest threats
“Cisco SecureX provides a comprehensive user experience across the breadth of Cisco’s integrated security portfolio and customers’ existing security infrastructure,” the company said. “Cisco SecureX unifies visibility, identifies unknown threats, and automates workflows to strengthen customers’ security across network, endpoint, cloud, and applications. Because simplicity is essential to securing today’s digital transformation, Cisco SecureX is included with every Cisco Security product.”
Google: Chronicle, reCAPTCHA Enterprise and Web Risk API
Google made several announcements around RSA, including new threat detection and timeline capabilities in Chronicle, a security analytics platform from a formerly independent Google subsidiary that was folded into Google Cloud.
At RSA, Google is highlighting:
- YARA-L, a new rules language built specifically for detecting modern threats and behaviors
- Intelligent data fusion, a combination of a new data model and the ability to automatically link multiple events into a single timeline.
- The general availability of:
  - Web Risk API, which enables client applications to check URLs against Google’s constantly updated lists of unsafe web resources to prevent access to or inclusion of malicious content
Microsoft: Azure Sphere, Sentinel and More
Microsoft made a bevy of security-related announcements in the run-up to RSA, including some “general availability” announcements. Chief among these was Azure Sphere for IoT devices. It includes:
- Certified chips for devices, built by hardware partners.
- Microsoft’s own custom-built Linux operating system for those chips, called Azure Sphere OS.
- The Azure Sphere Security Service, a service running from Microsoft’s datacenters that gathers data on the security status of IoT devices and delivers automated updates to those devices.
- The Azure Sphere security team at Microsoft, which helps identify and address IoT device security threats.
Full coverage of the Azure Sphere announcement is provided by Kurt Mackie in an article at our sister publication, RedmondMag.
Other Microsoft security products currently at GA (not all announced at RSA) include:
- Microsoft Threat Protection: The company’s motherlode of security solutions for enterprises, providing for investigation and response actions, including some “automated healing” capabilities. It can be used to protect endpoints (Windows, macOS and Linux), identities, user data, cloud applications and infrastructure.
- Microsoft 365 Insider Risk Management: A personnel investigation and corporate compliance tool
- Microsoft 365 Communication Compliance: This uses machine learning to check company communications for policy violations
- Office 365 ATP Campaign Views: This is a capability within Microsoft’s Office 365 ATP security solution
Many other GA security products, along with new enhancements to several products including Azure Sentinel, a cloud-based security information and event management (SIEM) solution, are detailed by Mackie at RedmondMag.
Dozens of other announcements were also made around RSA Conference, which runs through Feb. 28, so stay tuned for more coverage.