AI is rapidly evolving from first-generation chatbots to a vital a part of the high-octane fuel that powers hyperscalers and cybersecurity platforms RASC 2024 proves it’s the DNA of cybersecurity.
The RSAC theme “The Art of the Possible” summarizes how cybersecurity providers seek to leverage the inherent strengths of technology. Across all vendors, there may be a robust give attention to providing platform-level AI support for every part from automating security operations center (SOC) workflows to predicting threats to deciphering data to seek out internal threats.
RSAC 2024 is the Formula 1 race that needs cybersecurity
This 12 months's RSAC 2024 was like a Formula 1 race, with greater than 40,000 fans and recent technologies focused on greater sharpness, accuracy, speed and visibility. Vendors see AI, visibility (ideally right down to the kernel level), and hardware acceleration enabled by incremental increases in graphics processing units (GPUs) and data processing units (DPUs).
Getting behind Nvidia's momentum in hardware acceleration is the racing strategy of alternative for everybody – whether hyperscalers, platform providers, best-of-breed apps or startups. GPUs and DPUs provide high-octane fuel for brand spanking new generative AI platforms, large language models (LLMs), apps, and tools that enable moving beyond limited-generation AI chatbot use cases into infrastructure-level challenges. Cisco, CrowdStrike, Commvault, Microsoft, Palo Alto Networks, SentinelOne, Splunk and lots of others say hardware acceleration is having a robust impact on the longer term of cybersecurity.
Improving the accuracy, speed and visibility of threat intelligence was a core message of RSAC 2024. Among the numerous keynotes that mentioned the appliance of genAI to the challenges of automating SOC reporting and streamlining workflows, Crowd Strikes President, CEO and co-founder George Kurtz, keynote Next Generation SIEM: Converging Data, Security, IT, Workflow Automation and AI I summarized it well. “It can take days for the info to be collected and it may take days for the queries to truly be processed. “So if you wish to find an alert and investigate it, you’ll be able to't wait for days, especially once you're trying to categorise an incident, and all of it relies on the concept of the right way to bend time and the right way to actually move faster than the adversary,” said Kurtz in his keynote speech.
The goal is to enable a more adaptable and secure data center infrastructure
The combination of AI, visibility and hardware acceleration opens up the chance for providers to tackle much greater challenges. At the highest of the list is what many CISOs and CIOs consider their most feared and riskiest project from an expert perspective: overhauling aging data center infrastructure to make it more efficient and secure.
“However, the truth is that as applications and infrastructure change, some things still remain very difficult. Securing these applications is sort of difficult, and securing the infrastructure is even tougher,” Jeetu Patel, executive vice chairman and general manager of security and collaboration at Cisco, told the audience during his keynote speech with Tom Gillis, senior vice chairman General Manager of Cisco Security, Now is the time to redefine security within the age of AI. Patel and Gillis' keynote provides RSAC 2024's clearest representation of how the industry is attempting to mix AI, visibility and hardware acceleration.
What CISOs talked about at RSAC 2024
VentureBeat's briefings and discussions with CISOs and CIOs revealed strong interest in cloud security, cloud-native Application Protection Platform (CNAPP), container security, endpoint security, IAM (Identity Access Management), risk management, SASE (Secure Access Service Edge), and expanded Detection and Response (XDR) and Zero Trust.
VentureBeat spoke with several CISOs attending RSAC 2024 to learn what's recent in SASE and meet with vendor leadership teams. They all need to know what's coming up on the SASE roadmaps.
“As we expect concerning the way forward for SASE, we consider it is going to address the largest threat we now have in cybersecurity. “This will not be a particular threat group or hacking tool, but fairly the complexity of the safety stack by consolidating network and security on a single platform with a single console,” said Etay Maor, chief security strategist at Cato Networks, told VentureBeat. “A SASE platform enables any organization to realize an optimal security posture, regardless of fixing business needs or an evolving threat landscape, without counting on massive workloads and resource investments.”
Notable amongst the numerous SASE solutions at RSAC 2024 was Cradlepoint's NetCloud SASE. NetCloud SASE is a single-platform secure access service edge (SASE) solution optimized for 5G and wireless WAN and includes zero trust security and SD-WAN. Cradlepoint demonstrated how cellular optimization and intelligent bonding boost performance, while advanced isolation technologies and a give attention to minimizing the attack surface for managed and unmanaged devices protect against cyber threats. Her AI-based NetCloud assistant (“ANA”) uses natural language processing to help NetCloud users with on a regular basis questions on the operation of their network and to supply cellular endpoint recommendations for specific use cases to troubleshoot network performance.
Other notable announcements at RSAC 2024 included the next:
Google introduces Threat Intelligence, combining Mandiant's world-class security expertise with VirusTotal's user network and Google's data evaluation of indicators of device and email compromise. Leveraging its core competencies to introduce a competitive service to the cybersecurity market, Google unveiled its threat intelligence solution at RSAC 2024 last week. Gemini 1.5 Pro is integrated with Google Threat Intelligence and enables conversation search across threat intelligence repositories. Google guarantees corporations advanced malware evaluation and automatic data enrichment by monitoring global threats through crowdsourced and human-curated intelligence.
Palo Alto Networks has launched a series of Copilots for Strata, Prisma and Cortex platforms, improvements to Cortex XSIAM and their Precision AI initiative, including a brand new security package. Copilots for the Strata, Prisma and Cortex platforms were introduced to enhance productivity and results through natural language processing queries by SOC analysts and teams. It also launched Prisma Cloud AI-SPM, which provides capabilities to scale back risk in AI environments with a give attention to model risks and data compromise. improvements Cortex XSIAM This includes an integrated AI-driven security operations platform, improved cloud detection threat evaluation, and a BYOML framework for constructing custom ML models. The Precision AI security package uses machine learning, deep learning and generative AI to combat advanced threats equivalent to web-based and zero-day attacks and DNS hijacking. AI Access Security provides robust controls and proactive threat prevention. AI Security Posture Management (AI-SPM) improves the safety of the AI ​​ecosystem by identifying vulnerabilities and misconfigurations. AI Runtime Security protects AI-powered applications from threats equivalent to prompt injections and model DoS.
SentinelOne introduces Singularity Cloud Native Security CNAPP and recent features inside its Singularity platform. The results of SentinelOne's recent acquisition of PingSafe, Singularity Cloud Native Security CNAPP is designed to emulate attack strategies and supply security teams with a prioritized, evidence-based list of potential exploit paths. The goal is to present security teams the pliability to enable preventive security measures against critical vulnerabilities. The platform's Offensive Security Engine minimizes false positives and increases the relevance of alerts, setting it other than competitors available on the market. Purple AI, SentinelOne's AI platform. Now features AI-powered anomaly detection, automated alarm triage, AI-powered response recommendations, hyper-automation rules, and 24/7 automated investigations. The company has also added an integration with Mandiant Threat Intelligence. All current and future Purple AI capabilities are integrated into the Singularity platform and accessible through the corporate's recent Singularity Operations Center.
SEC compliance and CISO liability dominated discussions. A CISO who spoke on condition of anonymity told VentureBeat he has two big goals this 12 months: securing the corporate to drive greater growth and staying out of jail. CISOs are concerned about compliance with SEC material event reporting guidelines. CISO liability, Securities and Exchange Commission (SEC) compliance guidance, secure-by-design, and software supply chain security dominated discussions with CISOs and CIOs.
CISOs welcomed the Cybersecurity and Infrastructure Security Agency's (CISA) Secure by Design initiative, which requires vendors to guard their customers' data and identities as a core business requirement.