The top new cybersecurity products at Black Hat USA 2024

Black Hat USA 2024 once again served as a launchpad for several cybersecurity products and services with many notable vendors as well as up-and-coming startups showcasing their innovations at the annual conference, held this week in Las Vegas. The event, alongside the RSA Conference, remains a pivotal moment in the cybersecurity calendar, offering insights into the diverse range of security solutions being developed to address today’s complex threat landscape.

The CSO team has put together a list highlighting the most significant debuts at the show, showcasing tools and technologies that span AI-based cybersecurity, SaaS security, extended detection and response (XDR) software, threat hunting, application security, and SIEM management.

[For more Black Hat USA coverage, see “Black Hat: Latest news and insights.”]

AppOmni: SaaS security offerings

AppOmni, a leader in SaaS security, unveiled new technology advancements to enhance identity and threat detection in enterprise SaaS environments. These include identity-centric analysis with patent-pending log sequencing and user behavior analytics (UEBA), as well as a comprehensive security health dashboard. The Event Maturity Matrix (EMM) now supports Snowflake and Veeva Vault, offering better log gap identification and incident response verification. The new SaaS Security Health Dashboard provides executive insights into SaaS security posture, aiding scalable security program development and reducing SOC alert fatigue. Demonstrations were held at booth #1660, with Joe Sullivan, strategic advisor, underscoring the importance of specialized threat detection for SaaS applications.

Securonix: AI-reinforced SIEM

Securonix introduced two new capabilities within its Securonix EON suite — Cyber Data Fabric and Noise Canceling SIEM. These updates are designed to enhance the company’s Unified Defense SIEM solution, targeted at helping CyberOps teams tackle sophisticated cyberattacks more effectively. Cyber Data Fabric offers modular architecture for intelligent data classification, ensuring relevant data is analyzed, stored, and archived efficiently. This integration improves cost efficiency by up to 30%, according to Securonix. Noise Canceling SIEM leverages AI to reduce alert fatigue by 50%, focusing on critical threats and minimizing false positives. This capability includes automated SOAR playbooks for faster response and reduced incident impacts. Securonix showcased these advancements at booth #2930. Haggai Pollak, chief product officer at Securonix said the offering will play a major role in streamlining security processes and boosting operational efficiency.

Qualys: Patch-less remediation

Qualys has announced TruRisk Eliminate, a new remediation solution designed to enhance risk reduction beyond traditional patching methods. Unveiled at Black Hat 2024, TruRisk Eliminate offers patchless approaches including targeted isolation and advanced mitigation strategies to address vulnerabilities when patching is impractical. The solution is designed to address the challenges of unpatched vulnerabilities, which can lead to significant security risks including ransomware attacks and data breaches. Key features include TruRisk Mitigate for deploying risk mitigation controls and TruRisk Isolate for quarantining risky assets. It integrates seamlessly with IT operations tools like ServiceNow and JIRA and automates complex risk remediation tasks via Qualys Qflow. TruRisk Eliminate will be available in September, with demonstrations at Black Hat USA 2024, booth #1320.

Flashpoint: Echosec and Ignite upgrade

Flashpoint unveiled updates to its flagship platform, Flashpoint Ignite, in addition to a new location intelligence solution, Echosec, at Black Hat USA 2024. Flashpoint Ignite now offers Investigations Management for customizable threat analysis workflows and Intelligence Requirements Mapping for automated alignment with Priority Intelligence Requirements. Echosec introduces Location Protection for real-time monitoring and alerting of threats to physical assets. These enhancements are designed to provide actionable intelligence, streamline threat management, and safeguard critical assets. Flashpoint presented these offerings at Booth #3041.

Cybersixgill: Personalized cybersecurity threat intelligence

Cybersixgill has introduced Pulse, a platform for delivering personalized cybersecurity threat intelligence. Pulse offers a dynamic, tailored cybersecurity threat intelligence (CTI) stream by leveraging AI to curate and personalize content based on individual user profiles, interests, and geographic relevance. This innovation aims to mimic the personalized content delivery of modern streaming services, ensuring security professionals receive the most pertinent intelligence to stay ahead of threats. The platform aggregates data from diverse sources, including the deep and dark web, OSINT, and cybersecurity news, providing users with actionable insights through a customizable dashboard. Cybersixgill Pulse, available as part of the Investigative Portal and as an API, supports MSSPs and software providers in creating new revenue streams by integrating personalized CTI content into their applications.

NetRise: Expanded XIoT

Extended Internet of Things (XIoT) security provider, NetRise, has announced expansions on its NetRise Platform, now supporting the analysis of containers and Windows software assets. This enhancement offers improved visibility across the software supply chain, enabling security teams to inventory and control software assets and address risks. Key features include machine learning-based software composition analysis (SCA), enhanced software extraction, and dependency mapping. NetRise demonstrated the enhancements on its XIoT platform at Booth #3019 at Black Hat USA 2024.

Beyond Identity: RealityCheck

Beyond Identity has launched RealityCheck, an identity assurance plugin for Zoom. RealityCheck protects against AI deception, including impersonation attacks and deepfakes, by certifying call participants with Authenticator Assurance Level 3 (AAL3) and device security verification. The feature adds authentication badges, displays risk data, and verifies users and devices. Initially launched for Zoom, Beyond Identity plans to extend RealityCheck to other communication platforms like email and chat. Beyond Identity presented RealityCheck at Booth #2068 at Black Hat USA 2024.

Menlo Security: Zero Trust platform upgrades

At Black Hat USA 2024, Menlo Security announced upgrades to its Menlo Zero Trust Access solution, designed for browser security and enterprise defense against sophisticated threats. The latest enhancements include improved support for Apple’s ecosystem with a new Safari Extension, expanded multi-cloud app connectors for Google Cloud and Microsoft Azure, and a Secure Application Access Monitoring Dashboard. These features aim to simplify Zero Trust deployment and enhance visibility for administrators. The capability was showcased at Menlo Security’s booth #1860 at Black Hat USA.

HPE: AI-Powered Network Detection and Response

Hewlett Packard Enterprise (HPE) has expanded its AI-powered networking portfolio with behavioral analytics-based network detection and response (NDR) capabilities via HPE Aruba Networking Central. This solution uses telemetry data to train AI models for detecting unusual activity in IoT devices. The expansion also includes extending HPE’s cloud-based zero trust network access (ZTNA) to local area networks, ensuring consistent security policies across campuses and data centers. Additionally, HPE Aruba Networking Central now offers attack detection combined with policy recommendations. HPE Aruba Networking’s latest solutions were showcased at Black Hat USA 2024, booth #1160, alongside other security offerings like secure compute management and rapid air-gapped recovery solutions.

Varonis: AI-Powered Data Classification 

Varonis Systems has announced new AI capabilities aimed at enhancing its data classification engine by leveraging machine learning to discover, understand, and classify customer data efficiently. These AI classifiers, the company claimed, require minimal training and allow local data scanning without needing to transfer data outside the customer’s environment. Additionally, in a bid to ensure transparency and flexibility, Varonis is offering adaptable and easy-to-validate AI models. This expansion is targeted at facilitating effective data classification, improving risk prioritization, exposure remediation, and security control enforcement. Varonis solutions were showcased at Black Hat USA 2024, booth #1160.

Endor Labs: Upgrade Impact Analysis, Endor Magic Patches

Endor Labs launched two capabilities to address challenges in the Software Composition Analysis (SCA) market, particularly the difficulties associated with upgrading open-source software (OSS) dependencies to fix vulnerabilities without causing breaking changes. The newly introduced Upgrade Impact Analysis will enable AppSec teams to assess the difficulty of upgrades, helping them prioritize security fixes and make informed decisions based on potential impacts. Additionally, Endor Magic Patches provide backported security patches, allowing teams to mitigate vulnerabilities when upgrading is too complex or time-consuming. These capabilities are designed to streamline the remediation process, reduce developer workload, and enhance security measures without compromising software stability.

Checkmarx: Container Security Solution

Checkmarx has launched a new Container Security solution as part of its cloud-native Checkmarx One application security platform. This solution aims to boost team efficiency by integrating security seamlessly into familiar development workflows while offering early vulnerability identification, actionable insights, and streamlined mitigation. Leveraging Sysdig runtime insights, Checkmarx Container Security combines static analysis with runtime monitoring to provide a comprehensive view of container security. Unique in its ability to identify and flag malicious packages, CheckMarx claimed, the solution enhances proactive response capabilities, helping organizations improve their security posture. The key features of the solution include image scanning, vulnerability assessment, package inspection, and detailed scan reports. Checkmarx demonstrated the offering at Black Hat USA 2024, #booth 2640

Wing Security: Personalized SaaS Threat Intelligence

Wing Security has introduced a “tailored” SaaS Threat Intelligence offering, integrated directly into its SaaS security dashboard to help provide personalized detection and response capabilities. This feature aims to offer organizations timely, prioritized threat event information, along with recommendations and automated remediation plans specific to each SaaS environment. With support for SaaS supply chain threats, Wing Security’s new solution promises swift action against potential risks like authorized account takeovers and data breaches.

Originally published on August 6, 2024, this article has been updated to incorporate the latest announcements.