August 12, 2024 at 09:18AM
The 2024 Black Hat conference in Las Vegas saw numerous cybersecurity product and service announcements. Highlights include free ICS analysis tools from Claroty, a bug bounty initiative by Anthropic, and new offerings from companies like Sysdig, Cymulate, and Vectra AI. Additionally, findings from various security firms and platform launches were unveiled during the conference.
From the meeting notes, I have gathered the following key takeaways:
1. Claroty has released free tools for ICS analysis to extract forensics from Unitronics PLC/HMI devices, following targeted attacks in the water sector.
2. Anthropic has announced a bug bounty initiative in collaboration with HackerOne, offering rewards for identifying vulnerabilities in critical domains.
3. Sysdig has launched Cloud Identity Insights, expanding its cloud detection and response (CDR) capabilities to detect compromised identities and contain them.
4. Cymulate has announced the launch of the Cymulate AI Copilot, an AI solution to test and tune security controls against real-time threats.
5. Vectra AI has expanded its platform to equip SOC teams with active posture to discover and pinpoint hybrid environment exposures to attackers.
6. Menlo Security has unveiled enhancements to its Zero Trust Access solution, alongside new findings from its Global Cyber Gangs Threat Report.
7. Entro Security has extended its Non-Human Identity (NHI) and Secrets Management platform with new features for secret scanning and Employees Tokens Blast Radius.
8. Legit Security has announced the launch of an AI Security Command Center, providing a unified console for security teams to gain visibility into AI used in development and defend against cyberattacks.
9. Beyond Identity has released RealityCheck, an identity assurance plugin for Zoom designed to protect organizations from AI deception during calls.
10. RAD Security has introduced an AI-powered incident investigation capability for behavioral detection and response, combining incident investigation with behavioral, signatureless detections.
11. Contrast Security has introduced Application Detection and Response (ADR) to identify vulnerabilities, detect threats, and stop attacks targeting custom applications and APIs.
12. HPE Aruba Networking has strengthened its cyber defenses with new AI-powered network detection and response capabilities.
13. Darktrace has published its First 6: Half-Year Threat Report 2024, highlighting the prevalence of malware, ransomware, email phishing, and edge infrastructure compromise.
14. Forescout Technologies’ analysis revealed outdated software and exploitable vulnerabilities in popular OT and IoT firmware images.
15. Censys has launched the Censys Community Forum, providing security professionals with a platform for discussion on threat hunting and attack surface management.
These key takeaways reflect the significant announcements and developments from the Black Hat USA 2024 conference.