SAN FRANCISCO—Here is a listing of some key news announcements from Day 1 of the RSA 2020 Security Conference here at Moscone Center. Attendance has been down somewhat this week, due mostly to curtailment of international travel due to the outbreak of the coronavirus, which originated in China several weeks ago. An estimated 18,000 people are registered for the conference.
Exabeam Launches New Cloud Platform
Foster City, Calif.-based Exabeam on Feb. 25 unveiled its Exabeam Cloud Platform at RSAC 2020, designed to help security leaders mature their security posture; aid architects to secure new use cases by expediting the provisioning and consumption of new applications, tools and content; and make security engineers and analysts more efficient with simplicity of use and deployment.
Other than all those functions, the platform does next to nothing. (We're kidding here.)
Applications, including the previously announced Exabeam Threat Intelligence Service and the new Exabeam Cloud Archive, will be available on the cloud platform through the Exabeam Application Marketplace. The first tool, the Exabeam Parser Editor, a patented self-service parser tool, is being made available with the launch of the Exabeam Cloud Studio on the Cloud Platform.
The multi-tenant Cloud Platform extends Exabeam’s security information and event management (SIEM) solution with capabilities unique to Exabeam—user and entity behavior analytics (UEBA) and object-centric workspaces—as well as cloud storage, data graphing and integrations with over 250 products. As a cloud offering, engineering tasks needed to deploy and maintain the infrastructure’s underlying services are eliminated.
Proofpoint Launches Integrated Email Security Platform
Sunnyvale, Calif.-based Proofpoint on Feb. 25 announced what it billed as the industry’s first integrated, end-to-end solutions that address business email compromise (BEC) and email account compromise (EAC) attacks by combining Proofpoint’s secure email gateway, advanced threat protection, threat response, email authentication, security awareness training, and cloud account protection.
In addition, to help organizations combat advanced cyberattacks that use both email and cloud vectors, Proofpoint also announced multiple Proofpoint Cloud App Security Broker (CASB) to safeguard the cloud applications employees access every day, such as Amazon Web Services, Box, Google G Suite, Microsoft Office 365 and Slack.
"BEC and EAC attacks have cost companies over $26 billion worldwide, and have been responsible for more cyber insurance claims than any other threat, including ransomware,” said Ryan Kalember, Executive Vice President of Cybersecurity Strategy for Proofpoint. “Ninety-four percent of data breaches start with attacks targeting people via email. Advanced threats are now combining both email and cloud vectors whereby a single malicious email can lead to an infiltrated cloud account, which in turn can lead to phishing or email fraud attacks internally and throughout supply chains."
Stopping BEC and EAC attacks is top of mind for organizations as cybercriminals continue targeting individuals via email with highly personalized social engineering messages. Those messages can take the form of BEC impostor emails that work to trick people into sending money and data to fake accounts and recipients. In the case of EAC, fraudsters work to compromise email accounts via credential phishing, password spraying, and/or malicious third party applications to maintain persistence and profile business activity such as new business partnerships or regular wire transfers to partners or vendors.
Armed with this insight, attackers can craft and send convincing and timely emails masquerading as a real employee with what appears to be a legitimate financial request, and can lead to significant financial loss.
The latest Proofpoint’s CASB features include:
- new automated detection and remediation of malicious third-party applications in Microsoft Office 365 and Google G Suite. This innovation will help stop attacks that may start by email and launch third-party applications that provide attackers with persistent system permissions and access;
- expanded suspicious file activity detection for Microsoft Office 365 through integration with Proofpoint threat intelligence;
- two risk-based access enhancements that detect if a user device is unmanaged and restricting access—and the ability to determine risk levels during login and respond with adaptive controls, such as multi-factor authentication;
- increased shadow IT visibility into 46,000 applications with more than 50 attributes per application; and
- enhanced real-time data loss prevention (DLP) for approved apps through an integration with Proofpoint Browser Isolation
For more information on Proofpoint’s BEC and EAC bundles, go here.
Imperva Bops Bots with New Integrated App
Redwood Shores, Calif.-based Imperva has announced Advanced Bot Protection, a new solution that fully integrates its bot management technology into the Imperva Cloud Application Security solution. The solution enables true defense-in-depth security by delivering bot protection in a single stack model, while making deployment easier, faster and more flexible for customers.
Advanced Bot Protection defends mission-critical websites, mobile apps, and APIs from automated threats--including web scraping, account takeover, transaction fraud, denial of service, competitive data mining, unauthorized vulnerability scans, spam, click fraud, and web and mobile API abuse--without affecting the flow of business-critical traffic.
Integrating the solution into Imperva Cloud Application Security delivers high-end capabilities in a single security stack, giving customers true defense-in-depth security through Imperva’s market-leading DDoS, WAF and bot solutions, Imperva said.
The integration of Advanced Bot Protection into Imperva Cloud Application Security provides key deployment benefits for customers, including:
- Ease: The ‘easy’ button to deploy Advanced Bot Protection allows for a low-touch and simple deployment within Imperva’s single stack
- Speed: Deployed in a matter of minutes versus weeks
- Flexibility: Customers now have two deployment options to choose from – an integrated single-stack deployment integrated with Cloud WAF, or deployment through Connectors into other technologies including AWS, Cloudflare, F5 Networks, and NGINX
Advanced Bot Protection follows Imperva’s acquisition of Distil Networks, a leader in bot management. The solution will be generally available in April 2020. To sign up for the Advanced Bot Protection beta program, go here. To learn more about Imperva’s bot management capabilities, go here.