LAS VEGAS – Here’s what I discovered last week here at Black Hat USA 2024: GenAI is  very much in the mix as a potent X-factor in cybersecurity.

Related: Prioritizing digital resiliency

I spoke with over three dozen cybersecurity solution providers. Some of the more  intriguing innovations had to do with leveraging GenAI/LLM-equipped chatbots as proprietary force multipliers.

This is all part of Generative AI and Large Language Models igniting the next massive technological disruption globally. In the next five years, GenAI/LLM deployments are expected to add $2.6 to $4.4 trillion annually across more than 60 use cases, according to recent McKinsey study; a recent AWS survey predicts that over 93% of employers will use GenAI/LLM to increase innovation and creativity, automate repetitive tasks and boost learning.

Part of this tech revolution will play out in the cybersecurity sector as vendors perfect ways to assign GenAI/LLM to the task of helping companies get a better grip on data sprawl. Massive, indiscriminate ingestion of data was an intractable mess long before this mad scramble to insert AI assistants high and low in company operations.

“AI thrives on large datasets, “Steve Stone, head of Rubrik Zero Labs told me. “When you add AI into the mix, it further intensifies the challenge of managing data sprawl and the associated risks.”

Ditto when it comes to detection sprawl, if you will, in the cyber realm. I’m referring to the proliferation of fragmented, siloed security systems. “Managing all of that telemetry, bringing it together, prioritizing the alerts and remediating them, well, that’s where things break in the real world,” observes Willy Leichter, CMO of AppSOC.

Roger that. Just ask CrowdStrike. After strolling the exhibits floor at Black Hat USA 2024 and speaking with the solution providers, I jotted down two categories of cybersecurity advancements: ‘coding level’ and ‘operational level.’ Highlights of what I learned:

Coding level

The continual monitoring and hardening of business software as it is being rapidly developed, tested and deployed in the field has become a foundational best practice. When it comes to the broad category of Application Security (AppSec,) there’s a lot is going on.

AppSec technology security-hardens software at the coding level. Then there’s the sub-category of application security posture management (ASPM.) ASPM toolsets came along in 2020 or so to help organizations get more organized about monitoring and updating code security as part of meeting data privacy and security regulations.

Big name tech vendors like Palo Alto Networks, Cisco, IBM and even CrowdStrike have since integrated ASPM services in their platform offerings. And alongside them there is a thriving cottage industry of independent ASPM solution providers. I spoke at length with three of them: AppSOC, Cycode and OX Security.

San Jose, Calif.-based AppSOC launched in 2021 to aggregate, consolidate and prioritize security data from various toolsets used in the software development lifecycle (SDLC). AppSOC leverages AI to reduce the noise from multiple data sources and intelligently prioritizes vulnerabilities based on exploitability and business impact, Leichter told me.

Meanwhile, Tel Aviv, Israel-based Cycode started in 2019 to deliver a secrets detection service; it subsequently evolved into supplying advanced ASPM technology, says regional sales manager Kyle Vanderzanden. Cycode uses dedicated, in-house scanners to vet code within the hectic flow of the software development and deployment processes so as to not slow down innovation, he says

I also hosted a LW Fireside Chat podcast with OX Security CEO Neatsun Ziv. We did as deep dive on the evolution of ASPM solutions over the past four years and we discussed so-called Active ASPM;  give a listen once the podcast, which is on track to go live as LW’s Top Story  tomorrow (Aug. 11.)

I’d also put San Francisco-based Traceable and Cambridge, Mass.-based ReversingLabs in the bucket of coding-level solution providers at the leading edge. In my LW Fireside Chat with Traceable’s Amod Gupta, which you can listen to here, we dissect the reasons why API Security is so effective at mitigating online fraud; we also spoke about the emerging need to help enterprises secure their  GenAI deployments.

And stay tuned for my upcoming LW Fireside Chat with ReversingLabs Chief Trust Officer Saša Zdjelar, in which he describes ReversingLabs’  unique approach to deeply vetting new code in a way that greatly enhances Software Build of Materials (SBOMs.)

Operational level

It’s not enough, of course, to do security well at just the coding level. Multiple layers of proactive protection are required to achieve resiliency in a massively complex, highly dynamic operating environment.

This includes hardware security. I spoke to Brett Hansen, CMO, of Cigent Technology, and John Gunn, CEO of Token,  about discreet security devices at the hardware layer: for remote data storage and privileged access, respectively

Based in Naples, Fla.- Cigent provides security-enhanced SSDs and microSDs. Its solution includes hardware encryption, software-based multi-factor authentication, and AI-driven anomaly detection within the storage itself, Hansen noted.

New York, NY-based Token is on the verge of introducing a very unique wearable – a smart security ring activates by a fingerprint sensor and hardened to make it hackproof. For starters the ring is aimed at system administrators and senior executives, but could eventually go mainstream. For a full drill down, give a listen to my LW Fireside Chat podcast discussion with Gunn.

Yet another layer – easily the most porous one — is the user layer. And by far the two most ubiquitous user interfaces are web browsers and mobile devices.

Island’s Uy Huynh and I discussed how enterprise browsers are gaining traction because of advanced methods to both enhance security and improve efficiency. And I visited with AppDome CEO Tom Tovar to discuss the somewhat surprising, to me at least, results of a global consumer survey highlighting smartphone users’ readiness to abandon brands associated with poorly secured mobile apps.

Screenshot

I also heard from San Francisco-based Horizon3.ai, which announced a strategic partnership with Tech Mahindra, a major India-based multinational tech services company.

Horizon3 will integrate its its NodeZero™ platform, which delivers AI-powered pentesting and other services, with Tech Mahindra’s comprehensive suite of cybersecurity services.

And I learned all about Washington D.C.-based Black Girls Hack and London-based Security Blue Team. These organizations are taking a fresh approach to filling a big unmet need. Give a listen to my conversation with BGH founder Tennisha Martin about the support services they offer to anyone looking to enter or move over to a cybersecurity career. And I also spoke with Melissa Boyle, marketing manager at Security Blue Team, about the array of free and paid cybersecurity skills training services.

Those are my big takeaways from Black Hat USA 2024. Much percolating. As always, I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

August 12th, 2024