Post-RSAC, Our Heads Are Spinning, and Big News Keeps on Coming! – ESW #362
Suddenly SIEMs are all over the news! In a keynote presentation, Crowdstrike CEO George Kurtz talked about the company's "next-gen" SIEM. Meanwhile, Palo Alto, who was taken to task by some for not having an active presence on the RSAC expo floor, hits the headlines for acquiring IBM's SIEM product, just to shut it down!
Meanwhile, LogRhythm and Exabeam merge, likely with the hopes of weathering the coming storm. The situation seems clear - there's no such thing as "best of breed" SIEM anymore. It's a commodity to be attached to the existing dominant security platforms. Are the days numbered for the older pure-play SIEM/SOAR vendors out there? Crowdstrike and Palo Alto alone could displace a lot of incumbents, even with a less than stellar product.
Announcements
Security Weekly listeners: Join the digital identity community at the ARIA Resort & Casino in Las Vegas, May 28 – 31. The 15th annual Identiverse will bring together over 3,000 security professionals for 4 days of world-class learning, engagement, and entertainment.
As a community member, receive 25% off your Identiverse 2024 tickets using code IDV24-SW25!
Register today: securityweekly.com/idv2024
Dive into cybersecurity with CyberRisk Alliance for exclusive insights from RSA Conference 2024. Explore executive interviews with industry leaders, uncovering visionary perspectives on threats and strategies. Delve into curated articles on trends and innovations, equipping yourself with essential knowledge for today's cyber landscape. Visit securityweekly.com/RSAC for expert guidance and inspiration in navigating cybersecurity challenges confidently.
Hosts
- 1. FUNDING: Eyeing more buyouts, cyber startup Wiz raises $1 bln in private funds
But who will they be buying out, now that the Lacework deal seems to have died?
- 2. FUNDING: TXOne Networks, Leader in Cyber-Physical Systems (CPS) Security, Raises $51 Million in Total in Series B Extension Round Funding
- 3. FUNDING: Traceable AI Secures $30M Strategic Investment Round
- 4. FUNDING: Ransomware defense company Mimic emerges from stealth, announces $27M seed round from Ballistic, Menlo, Team8, Wing, and Shield
- 5. FUNDING: LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere
More browser security!
- 6. FUNDING: Sam Altman-backed Apex emerges from stealth with $7M to help secure AI adoption
- 7. FUNDING: Niobium Secures $5.5 Million in Venture Financing to Commercialize FHE Accelerator Chip
- 8. FUNDING: Resonance Security Closes $1.5M in Pre-Seed Funding
- 9. FUNDING: Startup Dealflow: New Investments at Resonance, RunReveal, StepSecurity, Insane Cyber
- 10. ACQUISITIONS: Akamai Announces Intent to Acquire API Security Company Noname
- 11. ACQUISITIONS: Palo Alto Networks is buying security assets from IBM to expand customer base
- 12. MERGERS: SIEM and UEBA vendors LogRhythm and Exabeam to merge, analysts express mixed feelings
Makes sense, but still a bit of a shocker to see two potential competitors merging. Sign of the times, particularly for the more mature and saturated SIEM/SOAR/UEBM markets.
- 13. ACQUISITION RUMORS: Wiz deal to acquire Lacework collapses
- 14. NEW COMPANIES: SquareX: Be Fearless Online
More browser security! Why do they all have "X" on the end?
- 15. NEW PRODUCTS: Introducing Google Threat Intelligence: Actionable threat intelligence at Google scale
- 16. NEW PRODUCTS: Splunk Asset and Risk Intelligence
Competing in the CAASM market?
- 17. NEW FEATURES: BalkanID Copilot
- 18. ANNOUNCEMENTS: Microsoft overhaul treats security as “top priority” after a series of failures
- 19. ANNOUNCEMENTS: Tech Giants Agree to Build Security into Software Products
- 20. DUMPSTER FIRE: Millions of Malicious Containers Found on Docker Hub
An almost literal dumpster fire, if we consider dumpsters containers, that is...
- 21. WHOOPSIES: Google Cloud accidentally deletes UniSuper’s online account due to ‘unprecedented misconfiguration’
- 22. REPORTS: Research Report: 2024 State of Exposure Management
- 23. RSAC: Some numbers on attendance from RSAC’s Twitter account
- 24. RSAC: Final — and deep — thoughts from RSA 2024
Am I reading this right? 40,000 attendees at RSAC, and another 40,000 that were in attendance, but didn't go into the conference proper? If so, that's an interesting stat, and I wonder how it has trended over the years.
For years, we've been hearing, "you need to attend, but no need to buy a ticket", as there are so many side conferences and meetup opportunities outside the conference.
- 25. ESSAYS: The Future of SOC Automation Platforms
Great time for this discussion as legacy SIEMs are merging, getting shut down...
- 26. ESSAYS: The Rise Of Application Security Posture Management (ASPM) Platforms
- 27. AI NEWS: Hello GPT-4o
This is a big one - real time AI chat, two AI bots talking to each other, singing, different vocal tones, etc. Opens up a lot more use cases for high quality GenAI models.
- 28. AI NEWS: Stack Overflow users sabotage their posts after OpenAI deal
- 29. AI SECURITY: tldrsec/prompt-injection-defenses: Every practical and proposed defense against prompt injection.
- 30. PRIVACY: Troubling iOS 17.5 Bug Reportedly Resurfacing Old Deleted Photos
This doesn't fare well for shared responsibility models. If it can happen on the consumer side...
- 31. TRENDS: Banking on trust: How consumer banking behavior is swayed by security
Allegedly, perceived cybersecurity posture drives consumer decisions in banking. Do we buy that? If so, what other consumer/business decisions will it drive?
- 32. SQUIRREL: Fly the friendly skiiiiiiiiieeeesss OMGOMGOMG
- 33. SQUIRREL: NothingSaaS – The Ultimate SaaS Solution for Nothing
