Generative AI takes center stage at Black Hat USA 2024

While the Black Hat USA 2024 conference, held in Las Vegas, has served as a launchpad for several cybersecurity tools and technologies, this year’s launches were all about leveraging the power of generative AI to manage risks, detect fight cybercriminals, and safeguard your business. The event showcased a variety of innovations from industry leaders and emerging startups alike, highlighting the transformative impact of gen AI on cybersecurity.

To ensure you don’t get lost in the barrage of announcements, the CSO Online team has put together a list of the most important gen AI-based cybersecurity products and services revealed at the conference that you must know about. Each of these launches is designed to combat sophisticated threats and enhance security measures in areas including application development, risk assessment, threat detection and response, and gen AI-based threats. Click here for a broader set of product announcements at Black Hat USA 2024.

[For more Black Hat USA coverage, see “Black Hat: Latest news and insights.”]

Apiiro: Risk Detection at Design Phase

Apiiro introduced Risk Detection at the Design Phase, an AI-driven capability aimed at analyzing feature requests to identify risks and initiate security reviews or threat models at the earlier stages of application development. This approach, powered by Apiiro’s proprietary LLM, will allow AppSec practitioners to mitigate security and compliance risks at the design phase before actual coding begins, helping them save time, reduce rework, and accelerate secure software delivery. Key areas of risk analysis include architecture design, sensitive data handling, user permissions, generative AI technology, and third-party integrations.

SentinelOne: Purple AI, CIEM, xSPM and SIEM

SentinelOne unveiled a series of additions to its Singularity Platform, aimed at leveraging generative AI technology to enhance security across endpoints, identities, and cloud environments. The new offerings include Purple AI, which provides natural language alert summaries and query support, allowing streamlining of alerts for analysts. Cloud Infrastructure Entitlement Management (CIEM) helps control access rights to cloud resources. SentinelOne also introduced Extended Security Posture Management (xSPM) and an AI-powered SIEM, to provide real-time insights and scalable security solutions.

Cymulate: AI Copilot 

Cymulate announced the launch of its AI Copilot, a gen AI solution designed to enable security controls against real-time threats. The AI Copilot introduces a dynamic attack planner that allows users to perform custom threat assessments by copying and pasting URLs or content from threat advisories, news articles, and security research findings. The feature is targeted at rapid identification and remediation of security gaps, reducing the time and expertise required for threat assessments. The AI Copilot also generates tailored product documentation and facilitates troubleshooting, optimizing security validation processes, and freeing up IT resources.

Cequence: Unified API Protection (UAP) genAI upgrades

Cequence announced a handful of updates to its Unified API Protection platform, focusing on the secure use of AI applications like Generative AI and Large Language Models. Key enhancements include a test suite for OWASP LLM Top 10 threats, automated detection and blocking of AI bot activity, the Flow Graph for visualizing API flows, and new integrations aimed at comprehensive API discovery. The platform also processes API traffic on-premises for improved efficiency and privacy and offers attack surface detection for API gateways and infrastructure.

RAD Security: AI-Powered Incident Investigation

RAD Security unveiled its AI-powered incident investigation capability for improved cloud security with behavioral detection and response. This approach aims to reduce false positives and improve incident assessment accuracy by combining LLM-powered investigations with behavioral detections. RAD Security’s Cloud Detection and Response (CDR) solution creates behavioral baselines to detect zero-day attacks and enriches detections with real-time identity and infrastructure context. New features include the Amazon EKS Add-on, automated AI-powered investigations, a Findings Center for incident navigation, and an updated RAD Open Source Catalog for improved detection.

Code42: GenAI support on Incydr

Code42, now part of Mimecast, introduced upgrades to its Incydr solution to protect against data exfiltration to generative AI tools. Incydr’s new data visualization and PRISM system can help security teams pinpoint and respond to the movement of data to gen AI tools such as ChatGPT and Google Gemini. The solution includes the detection and blocking of risky activities, educational videos for employees, and upcoming support for the ChatGPT desktop app.

Legit Security: AI Security Command Center

Legit Security launched an AI Security Command Center, designed to provide security teams with a console for AI visibility and protection in development environments. This dashboard will help mitigate the risks of using AI models in application code by offering centralized visibility of AI model inventories, conducting risk correlation and prioritization, and extending ASPM controls to include AI security posture management. Legit Security also announced joining the Coalition for Secure AI (CoSAI) to advance comprehensive AI security measures in software development.

Balbix: BIX Conversational AI 

At Blackhat USA 2024, Balbix introduced BIX, a conversational AI assistant designed to streamline cyber risk and exposure management. BIX is aimed at simplifying risk management by providing personalized, context-aware recommendations based on the user’s role and past interactions. With features like mobile accessibility, real-time updates, and integration with existing cybersecurity and IT systems, BIX will help security teams with decision-making and cross-channel communication. Utilizing a multi-agent architecture powered by RAG-based large language models (LLMs) on Nvidia hardware, BIX is designed to break down complex tasks into manageable subtasks to improve operational efficiency and reduce response times.

Orca Research: AI Goat

Orca Research has launched AI Goat, an open source learning environment designed to address the OWASP Top 10 ML risks. Available on the Orca Research GitHub repository, AI Goat is an intentionally vulnerable AI environment built using Terraform, featuring a range of threats and vulnerabilities for educational purposes. This tool aims to help security professionals and pentesters understand and test AI-specific vulnerabilities and improve defenses against such attacks. At Black Hat USA 2024, Shain Singh, a leader in the OWASP ML Security Top 10 project, emphasized that AI Goat enhances understanding of AI risks and helps organizations better prevent potential AI attacks by simulating real-world vulnerabilities and misconfigurations.

[For more Black Hat USA coverage, see “Black Hat: Latest news and insights.”]

Originally published on August 6, 2024, this article has been updated to incorporate the latest announcements.