6 Hot New Security Offerings Ready To Stand Guard
An array of new cybersecurity product releases during the first few months of the year has made for a busy start to 2023. Here’s a look at some of the hottest new security products and services hitting the market.
A number of cybersecurity product and services launches have made for a busy first half of 2023 in the security industry. Cybersecurity vendors that announced major new offerings during the initial months of the year included companies such as SentinelOne, CrowdStrike, Cisco, Microsoft, Securonix and ThreatLocker.
Major themes for new cybersecurity product launches in 2023 have included the use of AI/ML for improving cyberdefense, including the application of generative AI using large language models such as OpenAI’s GPT-4. In particular, many vendors have been focusing in on using generative AI — as well as technologies such as XDR (extended detection and response) — to make life easier for security analysts, who are often overwhelmed with threat information to sift through.
What follows is a look at some of the hot new security products and services hitting the market in 2023.
SentinelOne Purple AI
SentinelOne recently unveiled a new threat hunting tool for its Singularity platform, Purple AI, which utilizes generative AI in an effort to dramatically improve productivity for security analysts. Security analysts will be able to use the new generative AI interface in the Singularity Skylight platform to ask questions about threats in a customer’s environment—for instance, is a certain threat actor present in this environment? the ability to use natural language to query a system will offer massive time-savings to analysts and will allow security teams to respond to more alerts and catch more attacks, according to the company. “I think for us, it’s a whole new way to reimagine cybersecurity,” SentinelOne co-founder and CEO Tomer Weingarten said in an interview with CRN. Mountain View, Calif.-based SentinelOne trains the large language model behind Purple AI “with so much security operations data that you virtually create a machine-human analyst with unlimited scale,” Weingarten said.
CrowdStrike Falcon Complete XDR
CrowdStrike recently unveiled Falcon Complete XDR, a new managed extended detection and response offering that aims to make the technology applicable to more customers and partners than it has been to date. The service offers around-the-clock management of the Austin, Texas-based vendor’s XDR platform, which security teams can use to correlate and prioritize threats from across an organization’s environments and devices. Falcon Complete XDR also integrates tools from third-party vendors in the CrowdXDR Alliance in key segments such as security service edge, identity security, firewalls, email security and network detection and response.
Microsoft Security Copilot
Microsoft recently unveiled its first generative AI-powered tool for cybersecurity professionals, Security Copilot, which uses the latest version of OpenAI’s large language model technology, GPT-4. Security Copilot is the “first and only generative AI security product that builds upon the full power of GPT-4 AI to defend organizations at machine speed and scale,” said Vasu Jakkal, corporate vice president for security, compliance, identity and management at Redmond, Wash.-based Microsoft, during an online event to introduce the product. Security Copilot tailors the generative AI technology toward cybersecurity by combining GPT-4 with Microsoft’s own security-focused AI model.
Cisco XDR
Cisco Systems’ new extended detection and response (XDR) platform has been built from the “ground up” and goes beyond the prior XDR capabilities that have been available in the tech giant’s SecureX offering, according to Jeetu Patel, executive vice president and general manager of security and collaboration at San Jose, Calif.- based Cisco. The new Cisco XDR platform fuses network detection and response (NDR) and endpoint detection and response (EDR), providing “cross-domain telemetry” in a way that no one else in the market is doing, Patel told CRN. The offering also stands out from security information and event management (SIEM) products by being “near-real-time” when it comes to delivering threat detection and prioritization, he said.
Securonix Unified Defense SIEM
Securonix, Addison, Texas, recently unveiled a new SIEM platform that works with data feeds from Snowflake’s data lake, with the aim of better accommodating the massive volumes of security-relevant data that modern enterprises generate through a cloud-native approach. The Securonix Unified Defense SIEM can leverage 365 days worth of “hot” searchable data from the Snowflake Data Cloud, providing enhanced visibility into potential threats, and also offers a single-tier storage model that can support large-scale searches while eliminating many of the data management issues associated with a standard tiered-storage model.
ThreatLocker OPS
ThreatLocker recently unveiled its first-ever capabilities for detection of malicious activity, such as an attempted cyberattack, in a move to help managed services providers do even more to protect their end customers. The Orlando, Fla.-based endpoint security company unveiled Ops, a new threat detection tool that aims to augment the capabilities of the 4,000 MSPs using its platform. Because ThreatLocker’s “application allowlisting” functionality ensures that malware cannot run in customer IT systems, the company hadn’t previously focused on detection of cyberattacks. However, ThreatLocker said it has recognized there is still value in detecting attempted attacks, since this can often help an MSP to take other cyberdefense measures for the customer that’s been targeted.