Black Hat USA 2023, one of the premier global cybersecurity events, took place this week in Las Vegas. The conference served as a launchpad for numerous cybersecurity products and services, with both established vendors and emerging startups showcasing their innovations.
The event featured a diverse range of security products, illustrating the breadth of solutions available in the market. Some notable technologies showcased at Black Hat included generative-AI based cybersecurity tools, extended detection and response (XDR) software, threat hunting and Security Operations Center (SOC) automation, application security products, and vulnerability management programs.
One of the highlights of the event was Cycode’s announcement of their extended application security posture management (ASPM) system. This system has expanded its capabilities to include support for Confluence, AWS S3 buckets, and Azure environments. Additionally, Cycode introduced an IDE plugin for integration with VS Code, enabling developers to detect and remediate hard-coded secrets within one system. Furthermore, Cycode showcased its collaboration with Azure, allowing their CI monitoring solution, Cycode Cimon, to operate with Azure DevOps pipelines. This collaboration enables SLSA (Supply Chain Levels for Software Artifacts) attestation generation. All of these exciting capabilities were made available immediately after the event, with pricing yet to be disclosed.
Another significant debut at Black Hat was NetRise’s extended internet of things (XIoT) security platform. NetRise added ingestion support for two major software bill of materials (SBOM) formats, SPDX and CycloneDX, to their platform. These features allow users to export data in either format and enrich SBOMs with vulnerability information. NetRise also overlaid the cybersecurity and Infrastructure Security Agency’s (CISA) key exploited vulnerabilities (KEV) catalog data onto their platform. This integration simplifies the process of identifying, addressing, and prioritizing known exploits. These new features were included in the current pricing model and became available on August 9.
ThreatConnect, a leading provider of threat intelligence solutions, showcased their enhanced machine-learning powered TI Ops Platform at Black Hat. This platform now includes new intelligence requirement capabilities, aimed at helping customers define, manage, and track their intelligence requirements (IRs), priority intelligence requirements (PIRs), and requests for information (RFIs). This enhancement solves the problem of ad-hoc and siloed threat intelligence production by involving stakeholders in the process. The capability is included in the current pricing model and was made available to existing and new customers starting from August 7.
Ironscales, known for their phishing mitigation solutions, announced two exciting capabilities at the conference. They introduced GPT-powered phishing simulation testing (PST), designed to help employers generate highly personalized spear-phishing simulation campaigns. This feature is particularly useful in combating advanced phishing attacks that are hard to detect. Ironscales also rolled out accidental data exposure (ADE) as a new capability, which alerts employees when they send potentially sensitive information. These new capabilities were showcased at Black Hat and made available under beta to limited users until general availability later this year. Pricing for these capabilities will be determined based on feedback from the beta launch.
Overall, Black Hat USA 2023 was a platform for groundbreaking cybersecurity innovations. The event showcased a wide range of products and services that are set to shape the future of cybersecurity. The industry is constantly evolving, and events like Black Hat provide a glimpse into the exciting advancements being made to protect against ever-evolving threats.