Some household names have just revealed significant new security products and services.

April 17, 2018

5 Min Read
Dark Web, hacker
Shutterstock

By Todd R. Weiss

RSA CONFERENCE — New silicon-level, on-chip threat detection technologies from Intel and an enhanced cybersecurity incident response system from IBM Resilient are two of the most significant product announcements so far as the RSA 2018 security conference opened Monday in San Francisco.

Also unveiled were new products from a wide range of security vendors, including InfoSec Global, Fidelis, A10 Networks, RedLock and others, as the war on cyberattacks continues to gain new tools and technologies throughout the channel.

From Intel, the new Threat Detection Technology aims to help detect advanced cyberthreats and exploits on the heels of the Meltdown and Spectre vulnerabilities, revealed in January, that affected many chips from Intel and competitors including AMD.

The first capability offered as part of Intel Threat Detection Technology is Advanced Memory Scanning, which uses Intel’s integrated graphics processor to enable scanning while reducing impacts on main processor performance — a result of earlier memory scanning techniques.

“Early benchmarking on Intel test systems show CPU utilization dropped from 20 percent to as little as 2 percent,” according to Intel.

A second Intel Threat Detection Technology capability, called Advanced Platform Telemetry, was also unveiled at RSA 2018. It brings together platform telemetry with machine-learning algorithms to improve the detection of advanced threats, while reducing false positives and minimizing performance impacts, Intel said.

Cisco plans to integrate the Intel Advanced Platform Telemetry into its new Cisco Tetration data-center security and cloud workload protection platform, while Microsoft will integrate Advanced Memory Scanning into its Windows Defender Advanced Threat Protection antivirus services.

Intel also launched a new framework, Intel Security Essentials, that will standardize built-in security features across Intel processors to help ensure a consistent set of critical root-of-trust hardware security capabilities across the company’s Core, Xeon and Atom processors. The framework will add platform-integrity technologies for secure boot, hardware protections, accelerated cryptography and trusted execution enclaves to protect applications at runtime.

IBM Resilient Adds Intelligent Orchestration Capabilities

Designed to bring together multiple tools to battle cyberattacks, IBM’s Resilient division is enhancing its Resilient Incident Response Platform with new Intelligent Orchestration capabilities that will focus on improving security incident response using human and machine-based intelligence.

Using the enhanced Resilient IRP, security analysts “can orchestrate and automate time-consuming, repetitive, and complicated actions that previously required significant human intervention, while bringing in enterprise-grade, bidirectional integrations through a drag-and-drop business-process management notation workflow engine. These features allow security teams to build Dynamic Playbooks which enable a guided response, helped along by step-by-step assistance from the platform.  IBM announced the acquisition of the former Resilient at RSA in 2016.

IBM also announced new partner integrations available through the IBM Security App Exchange. The IBM Resilient Orchestration Ecosystem features partners including Cisco, McAfee, Splunk, Carbon Black, Symantec and others, allowing customers to share data and actions between multiple technology products and security tools, the company said.

Other key RSA 2018 Conference product announcements include:

(continued on next page)

  • InfoSec Global unveiled its AgileSec VPN commercial product which supports custom, standard and multi-crypto environments to protect corporate networks. The AgileSec VPN uses sovereign or custom cryptographic algorithms, as well as the strongest internationally standardized cryptography.  AgileSec VPN scales to site networks, mobile, IoT devices and cloud environments.

  • Micro Focus announced ArcSight Enterprise Security Manager (ESM) 7.0, the latest version of its enterprise-level threat detection system. ESM helps security-operations centers expand their cybersecurity footprints to quickly respond to fast-moving threats by using real-time intelligence to identify and impede potential cyberattacks. The latest version includes improved correlation fidelity with more contextual event analysis, more efficient resource usage and improvements to ESM availability and redundancy.

  • Fidelis Cybersecurity launched the latest version of its Elevate platform, which now can protect cloud assets by deploying and managing deception defenses in cloud environments. The new capabilities allow enterprises to mimic their cloud assets and lure attackers to the deception environment to push attacks from their critical systems in the cloud or on-premises.

  • A10 Networks introduced One-DDoS Protection, featuring software enhancements to its high-performance appliances to bolster their defense against distributed-denial-of-service (DDoS) attacks. The One-DDoS Protection uses machine learning to automate a wide range of protections, including peacetime traffic learning, detection threshold settings and fast mitigation response. The new capabilities are available on A10 Thunder ADC (Application Delivery Controller), CGN (Carrier Grade Networking) and CFW (Converged Firewall) product lines with orchestrated attack scrubbing on Thunder TPS (Threat Protection System).

  • RedLock announced enhanced security and compliance capabilities for Azure cloud environments through an integration with Microsoft Azure Network Watcher, which provides insights into network traffic patterns. By integrating with Azure Network Watcher, RedLock’s Cloud 360 platform gains a wide range of new features, including discovery and inventory of all cloud assets, assessment and reporting on compliance against industry standards and detection of threats such as network intrusions, account compromises and insider threats.

  • Aqua Security introduced its collaboration with VMware which will help enterprises protect applications deployed across virtual machines and containers. The collaboration combines Aqua Container Security Platform and VMware AppDefense to provide enterprise security teams with integrated tools to secure applications that include containerized and non-containerized components. By combining the tools, enterprise security teams will gain improved visibility across VMs and containers, as well as protections from running VMs that don’t derive from approved VM images.

  • LogicHub unveiled a partnership with Anomali to provide automated threat detection and response capabilities for IT security teams using LogicHub’s intelligent security automation tools and Anomali’s early threat detection capabilities. The collaboration aims to reduce false positives in reporting and to enable security operations teams to bring in threat intelligence to their automated investigation process.

The RSA 2018 conference continues through April 20.

Read more about:

Agents
Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like