-
The RSA conference 2020 held in San Francisco is one of the leading events for information security vendors to announce their new product offerings.
-
Along with some other security vendors, Google Cloud introduced threat detection and timeline capabilities in Chronicle.
-
The company also launched reCaptcha Enterprise and Web Risk API in general availability.
RSA conference 2020 kicked off on 24 February 2020 in San Francisco with nearly 700 exhibitors and more than 40,000 attendees expected to gather at the Moscone center for the event. On the first day of the event, Google has made a number of security announcements including, upgrades to its Chronicle Security platform and the general release of its reCAPTCHA Enterprise and Web Risk API tools.
In January 2018, Google parent Alphabet formed enterprise security company Chronicle, betting on machine learning’s ability to analyze massive amounts of data, detecting cyber threats more quickly and precisely than traditional methods. But in June 2019, Google .
“The important thing to realize is we’re in this for the long haul. Our backstory platform is the first of what will be many offerings and capabilities over time.”
Stephen Gillett, CEO, Chronicle Security.
Learn more:
Google is hoping to use Chronicle to woo enterprise customers over to its cloud services, away from market leaders Amazon Web Services and Microsoft Azure. This is the first major update to Chronicle since the “merger” closed on October 1.
"Cloud security is a top enterprise IT a priority as organizations modernize their critical business systems both in-place and in the cloud."
Sunil Potti, VP of Google Cloud security.
Chronicle: Advanced threat detection and timelines
Chronicle launched its security analytics platform last year to help businesses investigate alerts and threats. The platform is now getting YARA-L, a new rule language built specifically for real-time and retroactive rule execution, including modern threat types described in Mitre ATT&CK. YARA-L is a callback to . (Google acquired VirusTotal in September 2012.)
Chronicle has also gained intelligent data fusion, a combination of a new data model and the ability to automatically link multiple events into a single timeline. Google will be partnering with other companies here to integrate with this new data structure for an “even more powerful threat response.” So far, the company only has one partner, the security operations platform Palo Alto Networks.
reCaptcha Enterprise and Web Risk API
The and Web Risk API signals they are production-ready and can be purchased separately. Both are based on Google security technologies “that have been protecting users on the web for more than a decade.”
Captcha (Completely Automated Public Turing test to tell Computers and Humans Apart) is a series of challenge-response questions designed to prevent bots from bombarding web sign-up forms with spam. Google’s freely available service — reCaptcha — displays as many as 100 million tests every day via its application programming interface (API). Building on reCaptcha, reCaptcha Enterprise arrived as a beta in April 2019 to defend websites against fraudulent activity like scraping, credential stuffing, and automated account creation. reCaptcha Enterprise recently gained commercial-grade bot defense capabilities to help ensure that a . Google Nest uses reCaptcha Enterprise to help prevent automated attacks by actors seeking to obtain unauthorized access to accounts and devices.
Google’s Safe Browsing service protects over 4 billion devices by providing lists of URLs that contain malware or phishing content to Chrome, Firefox, and Safari browsers, as well as to internet service providers (ISPs). The Web Risk API lets businesses have their client applications check URLs against these lists of unsafe web resources. Google says the API has information on more than a million unsafe URLs, based on examining billions of URLs each day in Google Safe Browsing.
At the event, another security vendors also announced their product launches and updates. Like Cisco unveiled SecureX, a new cloud-native security platform designed to improve visibility, deliver analytics, and automate common security workflows. In addition to unifying existing security products, Cisco told SecurityWeek, the new platform adds an action orchestrator to “build automated playbooks to accelerate workflows such as threat investigation and remediation, as well as enable better collaboration amongst SecOps teams as well as IT and NetOps teams.”
Fortinet announced FortiAI, a new on-premises appliance that leverages self-learning Deep Neural Networks (DNN) to speed threat remediation and handle time consuming manual security analyst tasks.
Learn more:
Checkmarx announced a new orchestration module (CxFlow) for its software security platform that integrates with application release orchestration and agile planning tools. CxFlow will help organizations improve the security of their software without interrupting developer workflows, the company says, noting that enhancements to its platform will provide more seamless implementation and automation of application security testing (AST) in development and DevOps environments.
CyberArk announced enhancements to its Endpoint Privilege Manager that provide privilege-based deception capabilities designed to defend against credential theft on workstations and servers and help defenders to quickly detect and proactively shut down in-progress attacks.