Black Hat USA 2023 – Announcements Summary – Source: www.securityweek.com

Hundreds of companies and organizations showcased their cybersecurity products and services this week at the 2023 edition of the Black Hat conference in Las Vegas.

To help cut through the clutter, the SecurityWeek team is publishing a digest summarizing some of the announcements made by vendors at Black Hat USA 2023, including new products and services, updates to existing offerings, reports, and other initiatives. 

MELEE tool for detecting ransomware in MySQL instances

MELEE, a tool designed to detect ransomware infections in MySQL instances, was released at Black Hat Arsenal. The tool allows researchers, penetration testers, and threat intelligence experts to detect compromised MySQL instances running malicious code. It can also be used to conduct research into malware targeting cloud databases. The tool was developed by Aditya K Sood, Sr. Director of Threat Research and Security Strategy, Office of the CTO, F5.

Abnormal Security launches new tool to detect AI-generated attacks

Email security firm Abnormal Security has launched CheckGPT, a new tool designed to detect AI-generated email attacks. CheckGPT determines the likelihood of a BEC or other social engineering attack being created using generative AI. 

Adaptive Shield launches Identity Threat Detection and Response capabilities

Adaptive Shield has launched Identity Threat Detection and Response (ITDR) capabilities to help organizations mitigate identity-related threats. The capabilities can be paired with the company’s SaaS Security Posture Management (SSPM) solution.

BigID introduces data risk assessment for hybrid environments

Data security firm BigID has announced a data risk assessment reporting capability that allows organizations to streamline data security posture reporting.

Bionic announces ASPM product innovations

Application security posture management (ASPM) firm Bionic has launched a new ServiceNow Service Graph Connector that provides security teams with a real-time configuration management database (CMDB) of their cloud applications, microservices, and dependencies in production. It also unveiled Bionic Events, a feature that correlates application changes to overall security risk.

Cado Security enhances volatile artifact collection tool

Forensics and incident response platform Cado Security has unveiled new capabilities of its open-source volatile artifact collection (VARC) tool. The latest features enable proactive scanning for malicious activity powered by YARA rules.

Code42 enhances source code exfiltration detection

Insider risk management firm Code42 has improved its Incydr data protection solution to identify source code origin and destination in an effort to detect and prevent exfiltration. Code42 also announced integration with no-code automation platform Tines. 

Cycode unveils new ASPM platform capabilities

Cycode presented new capabilities of its Application Security Posture Management (ASPM) platform at the Black Hat conference. This includes hardcoded secrets detection in cloud-based workplaces, a collaboration with Azure DevOps pipelines to ensure supply chain integrity, and a new IDE plug-in for VS Code integration.

Cybersixgill enhances generative AI solution

Threat intelligence firm Cybersixgill has announced enhancements to its IQ generative AI solution, including a new capability of factoring attack surface context to deliver insights specific to each customer, new custom report-building capabilities, and a new module for uncovering compromised credentials. 

Cymulate adds new capabilities to exposure management and security validation platform

Cymulate announced that its exposure management and security validation platform now includes new and expanded cloud-focused attack simulation templates and resources to cover all major public cloud providers. 

CrowdStrike announces new Counter Adversary Operations offering

CrowdStrike has announced a new Counter Adversary Operations offering, which brings together Falcon Intelligence, Falcon OverWatch managed threat hunting teams, and telemetry events from the Falcon platform to detect, disrupt and stop adversaries. The first Counter Adversary Operations offering is Identity Threat Hunting.

Critical Start launches Managed Cyber Risk Reduction

MDR firm Critical Start has introduced Managed Cyber Risk Reduction (MCRR), an evolution of MDR that provides a comprehensive managed solution to address risks, vulnerabilities, and threats.

eSentire launches new MDR Agent for SMBs

MDR firm eSentire has enhanced its SMB-focused XDR platform with a new MDR Agent, which provides full-scale threat prevention, detection, response and investigation capabilities.

IBM and Cloudflare collaborating to mitigate bot-based threats

IBM and Cloudflare announced Cloudflare Bot Management on IBM Cloud Internet Services. The new offering enables users to better manage bots by applying multiple detection methods. The Bot Management feature is available now for IBM CIS clients using the CIS Enterprise Premier plans.

Ironscales launches GPT-powered phishing simulation testing

Cloud email security firm Ironscales has launched the beta version of a GPT-powered phishing simulation testing capability, as well as a new accidental data exposure capability, which alerts employees when they send potentially sensitive information. 

Microsoft announces cloud security offering enhancements

Microsoft has announced Microsoft Defender Cloud Security Posture Management (CSPM) enhancements, including multicloud posture management capabilities for Google Cloud Platform (GCP), extending sensitive data discovery capabilities to GCP Cloud Storage, and extending agentless scanning, data-aware security posture, cloud security graph, and attack path analysis capabilities to GCP.

NetRise announces new features for SBOM management and CISA KEV support

XIoT security firm NetRise has announced new capabilities for working with SBOMs and support for CISA’s Known Exploited Vulnerabilities (KEV) catalog to help organizations manage and understand risks associated with software components in the firmware of connected devices. 

NetSPI announces AI pentesting capabilities

Offensive security firm NetSPI has unveiled its ML/AI pentesting solution. The solution focuses on two components: identifying and remediating vulnerabilities on ML systems, and providing recommendations and guidance for ensuring that security is taken into consideration throughout the design and implementation phases of a product. 

OCSF launches new open data schema

The Open Cybersecurity Schema Framework (OCSF), whose goal is to deliver a simplified, extensible, vendor-agnostic taxonomy, has announced the general availability of its schema. Organizations can integrate the OCSF framework into any environment, application or solution to complement existing security standards and processes.

OPSWAT publishes 2023 threat intelligence survey results

OPSWAT has published the results of its 2023 threat intelligence survey, which shows that only 22% or organizations have a fully mature threat intelligence program and 62% recognize the need for additional investments. Only 11% of respondents currently use AI for threat detection, but 56% are optimistic about its use in the future. 

Panorays adds Smart Match AI capability to third-party risk platform

Panorays has added a Smart Match capability to complement its AI-powered third-party security risk platform. The new capability is designed to accelerate responses and simplify risk analysis for users. 

Protect AI launches bug bounty program for AI/ML

AI/ML security company Protect AI has acquired bug bounty platform Huntr and announced the launch of an AI/ML bug bounty program. The program provides a bug hunting environment, targeted bug bounties, monthly contests, collaboration tools, and vulnerability reviews.

Radiant Security announces AI-powered SOC co-pilot 

Radiant Security has emerged from stealth mode with an AI-powered SOC co-pilot designed to boost SOC effectiveness and productivity by streamlining and automating alert triage, incident investigation, incident containment and remediation, escalation and approval workflows, and resiliency improvements. 

Sevco Security adds new vulnerability hunting capabilities

CAASM platform provider Sevco Security has added new vulnerability hunting capabilities that enable organizations to assess flaws across different asset classes (devices, users, applications) and evaluate mitigating controls against identified vulnerabilities continuously to understand actual risk and exposure management directly in the cloud-native asset intelligence platform. 

SecurityScorecard launches managed cyber risk services 

SecurityScorecard has announced new managed cyber risk services designed to help organizations operationalize third-party cyber risk management and mitigate zero-day and critical supply chain vulnerabilities. 

SentinelOne streamlines vulnerability management

SentinelOne has launched Singularity Ranger Insights, a vulnerability management solution designed to help companies continuously discover unmanaged assets, evaluate and prioritize threats, and mitigate risk using a single console and agent.

Sonet.io announces data loss protection for generative AI

Secure onboarding and remote worker management firm Sonet.io announced support for data loss protection, monitoring and observability capabilities for ChatGPT and other generative AI tools. The new capabilities make it possible to detect when sensitive data is downloaded, uploaded, copied, pasted or typed into such AI tools.

Stack Identity publishes inaugural Shadow Access Impact Report

IAM firm Stack Identity has published its inaugural Shadow Access Impact Report. Key takeaways: only 4% of identities are human, 5% of identities in the cloud have admin permissions, 75% of policies used in cloud environments include write permission, and 28% of policies in the cloud have some level of permission management.

Syxsense announces AI engine for endpoint management

Unified security and endpoint management firm Syxsense announced Cortex Copilot, a new AI engine that allows IT and security teams to simplify and speed up the process of creating endpoint management and security workflow automation. Cortex Copilot uses natural language queries to further automate smart task generation and intelligent scripting. 

ThreatConnect announces new Intelligence Requirement capability

Threat intelligence operations (TI Ops) and cyber risk quantification solutions provider ThreatConnect has added a new intelligence requirement capability to its TI Ops platform, allowing customers to define, manage, and track intelligence requirements and requests for information more effectively.

ThreatX announces new sensitive data exposure capabilities for APIs

API and application security firm ThreatX has unveiled new capabilities designed to enable security teams to detect and boost the protection of high-risk APIs containing sensitive user and authentication data.

Tenzir launches security data pipeline platform

Tenzir has launched a security data pipeline platform designed to optimize SIEM, cloud and data costs. The platform is available as an open-source developer edition, a free Community Edition, and a commercial Enterprise Edition.

XM Cyber extends continuous exposure management capabilities 

Cloud exposure management firm XM Cyber has enhanced its continuous exposure management capabilities, extending customers’ ability to address hybrid cloud AD attacks and prioritize and remediate threats.

Related: Black Hat Preview: The Business of Cyber Takes Center Stage