Every year, the RSA Conference provides a great opportunity for IT security pros to come together to discuss current and future concerns and to get access to the people, content and ideas that enable them to step up their security game and better protect high-value assets. It’s also one of the best opportunities all year to preview the latest security products and innovations, and 2016 is no exception.
In this slideshow, we’ve pulled together a variety of the new security products that vendors are debuting at the RSA Conference 2016. From machine-learning threat intelligence to secure key management and incident response portals, organizations are sure to find something that will fit their needs.
New Security Products at RSA Conference 2016
The following 17 innovative new products are being debuted at RSA Conference 2016.
Acuity Solutions has announced the release of BluVector 2.0, a next-generation machine-learning malware detection and cyber-hunting solution, built upon BluVector’s patented machine-learning capabilities. According to the company, BluVector provides enterprises with faster, more accurate malware detection, allowing security analysts to quickly identify previously undetectable threats to their networks. With BluVector 2.0, enterprises now have the ability to train their BluVector appliance on their environment, through a groundbreaking new artificial intelligence capability.
With its LSE LinOTP Authentication Provider, LSE is expanding the portfolio of existing authentication provider products for Microsoft Windows and Linux operating systems to OS X®. This token solution enables implementation on a cross-platform and cross-technology basis. The new product improves login security with a one-time password (OTP) solution. The LSE LinOTP backend supports all existing OTP implementations, such as mobile apps (Google Authenticator, FreeOTP) and tokens (e.g., OATH, YubiKey). Configuration is done via an integrated, native OS X® configuration dialogue.
CounterTack is adding robust new remediation capabilities to its malware hunting platform, Active Defense, and further integrating its enterprise security suite of products with Sentinel.
Sentinel: Continuous monitoring of the operating system
- Enhanced dashboard capabilities and threat visualization.
- Real-time detection, analysis and response demonstrations around advanced attacks, including PowerShell and Ransomware.
- Deep integration with network security platforms like Blue Coat Systems, and enhanced SIEM integration.
Active Defense: The malware hunter
- Comprehensive threat and IOC remediation capabilities, including endpoint and threat quarantine and the ability to kill processes contributing to security incident escalation, built to give enterprise security teams enhanced capabilities to triage known threats.
Responder PRO: Forensic-level reverse engineering and malware analysis
- Additional and more advanced Linux threat data.
- Broader-scope, deeper analysis capabilities for incident responders to view and reverse-engineer threats.
Digital identity and credentials expert Intercede has announced new security software designed for deployment alongside Intel’s latest hardware-based identity protection technology, Intel® Authenticate. Intercede software, running on the 6th Gen Intel® Core™ vPro™ processor, works in combination with Intercede’s MyID credentials management solution to replace password-based access control for networks, applications and services with certificate-based, highly secure and convenient hardware-backed protection.
CyberArk has announced new real-time threat detection and containment capabilities to help organizations secure against cyber attacks targeting Microsoft Active Directory infrastructure. The new CyberArk Privileged Threat Analytics v3.0 features targeted analytics and the ability to analyze network traffic to better detect indications of an attack early in the lifecycle, including credential theft, lateral movement and privilege escalation. According to the company, these features enable incident response teams to visualize the threat and shut down in-progress attacks – including Kerberos authentication attacks like “Golden Ticket,” which can lead to a complete network takeover and massive business disruption.
WinMagic, Inc. has introduced security software that encrypts virtual machines running on Infrastructure-as-a-Service (IaaS) platforms. Addressing the growing concerns of protecting critical assets stored within virtual environments, SecureDoc CloudVM is an enterprise encryption solution that offers support for Windows-based platforms running in public, private and hybrid cloud environments through application-aware intelligent key management.
The application-aware intelligent key management capability embedded within SecureDoc CloudVM offers a single-pane-of-glass view into where and how encryption is being deployed. The solution increases visibility and strengthens data security within virtual environments by controlling the encryption key management system across a vast array of layers including endpoints, file servers, virtual servers, enterprise file sync and share (EFSS) solutions and Internet of Things (IoT) instances.
Tripwire, Inc. has announced a range of new proactive endpoint detection and response (EDR) features in its flagship product, Tripwire® Enterprise. According to the company, the new EDR functionality can discover and assess the security of endpoint assets on an organization’s network, enabling real-time detection, analysis and response to cyber attacks.
Tripwire Enterprise now gives users the power to automate the remediation of unauthorized file or process changes, which can be the first indications of a compromise. The new functionality also makes it possible for users to detect a breach, contain the attack and anticipate where attackers are going to strike next.
Splunk has announced major advancements in its security analytics portfolio with new versions of Splunk® User Behavior Analytics 2.2 (UBA) and Splunk Enterprise Security 4.1 (ES). According to the company, the new capabilities of Splunk UBA and Splunk ES provide customers the best union of machine learning, anomaly detection, context-enhanced correlation and rapid investigation capabilities. Security organizations can respond to prioritized true threats, gain additional visibility across the attack lifecycle, and gain better insights into anomalous behavior and malicious activities across their organization. Both Splunk UBA 2.2 and Splunk ES 4.1 will be generally available in April 2016.
Guidance Software, maker of EnCase®, has announced the availability of Certified Forensic Security Responder (CFSR) training. This highly anticipated certification fills the skills gap with industry-accepted tools and methodologies for users in forensic analysis, or root cause analysis, which supports the incident response cycle.
Knowledgeable security professionals are in high demand with projected openings outpacing the number of available applicants. In 2014, there were 82,900 information security analysts with that number expected to rise to 97,700 by 2024. More than 209,000 cybersecurity-related jobs are currently unfilled. Certifications like CFSR may help new and experienced IT professionals acquire the skills they need to transition into the security industry.
Business cloud users are estimated to grow from 50 million in 2013 to 695 million by 2022, making data security a top operational concern for organizations transitioning to the cloud. Trend Micro, a global leader in security software, has announced the expansion of its Cloud App Security solution to Box, Dropbox and Google Drive. The comprehensive solution enhances the content security built into SaaS services to defend against targeted attacks and implement compliance initiatives.
NetLib has announced the release of Enterprise Manager for its flagship product, NetLib Encryptionizer for SQL Server. An innovative security solution, Enterprise Manager enables organizations of all sizes to manage their encryption needs across the enterprise, no matter where they reside geographically and whether in physical, virtual or cloud environments. The administrator will be able to easily control key management to meet the new PCI compliance standards.
ManageEngine has launched Key Manager Plus, a comprehensive, web-based, SSH key management solution at RSA Conference 2016. Available immediately, the new product joins ManageEngine’s privileged identity management suite to help administrators take control of SSH keys. According to the company, Key Manager Plus provides visibility into the SSH environment, enabling administrators to pre-empt breaches and compliance issues.
RiskVision, the enterprise risk intelligence company formerly known as Agiliance, has announced RiskVision 8.0, which features a risk data architecture breakthrough in the war against cyber-attacks and other operational risks. According to the company, RiskVision with Active State Risk Intelligence provides always-on assessments, Big Data scale, proactive insights and regulatory-ready results, establishing new benchmarks for risk management effectiveness and efficiency.
Rook Security, a managed security services provider (MSSP) that anticipates, manages, and eliminates threats, has announced War Room™, an enterprise app that provides real-time unified incident and crisis management collaboration in the cloud. Designed out of necessity to raise the bar beyond the highly inefficient and disparate ways enterprises communicate when managing incidents and crisis response, War Room is an action-oriented cloud-service command center that aggregates the pieces of information enterprises need to have a comprehensive view of incident details in one shared space.
Dell has announced the launch of the Dell SonicWALL Capture Advanced Threat Protection Service, which enhances organizations’ ability to safeguard against today’s shape-shifting cyber threats. Taking a first-to-market, adaptive, multi-engine sandboxing approach, Dell Security is incorporating the VMRay third-generation Analyzer threat detection analysis engine with the Lastline Breach Detection platform and the Dell SonicWALL Sonic Sandbox threat analysis engine, to deliver a three-layer level of defense that organizations need in order to safeguard against today’s unknown threats.
Tenable Network Security, Inc., a global leader transforming security technology for the business needs of tomorrow, has announced a new solution for Unknown and Shadow Assets at RSA Conference 2016. According to the company, through active scanning, intelligent connectors and continuous listening, Tenable’s solution helps organizations discover all assets in their environment, bringing unknown and shadow assets into their security program.
Centripetal Networks is releasing the latest version of RuleGate® Network Protection System (NPS) 2.7, a fully integrated threat intelligence-based defense platform. The platform dynamically updates threat intelligence from more than 40 sources, normalizes the intelligence, and applies it to the network to alert, block or redirect malicious traffic. The platform includes the Advanced Cyber Threat™ (ACT) service, the RuleGate® network appliance and QuickThreat®, Centripetal Networks’ real-time threat intelligence analytics application. The newest features give organizations the ability to prioritize threats based on business enterprise security policies to ensure the most urgent threats are dealt with first.
Three important features include:
- Intelligent Packet Capture – PCAP data focused on the threat and made available directly to the cyber analyst.
- SSL Inline Content Inspection – deployment option provides visibility into encrypted traffic with inline inspection and filtering of SSL-encrypted traffic and no loss of network performance.
- Multi-Dimensional Indicators – multi-dimensional indicators factor in 5-tuple network information in combination with IP, domain or URL indicators to form more precise identification.