It had been just a few years, so with a lot anticipation, and never slightly trepidation, 26,000 individuals descended on San Francisco for the RSA Convention. Distributors have been desperate to get again out in entrance of a dwell viewers and the expo ground was tightly full of greater than 400 exhibitors. Themes emerged in quite a few providers.
Let’s begin with information safety. With all of the discuss of utility safety needing to “shift left”, (i.e., embedding safety processes into the event pipeline to scale back the assault floor of code earlier than it enters manufacturing), it’s only pure that information safety ought to transfer in the identical course.
Keys and certificates related to functions and containers must be protected, as any group that has adopted a DevSecOps method might be conscious. Certainly, in a great state of affairs, capabilities resembling key administration and encryption are baked into the workflows of builders and DevSecOps groups and “simply work.”
Id was on the middle of many a dialogue. Reaching “zero belief” transformation with passwordless authentication obtained renewed consideration on the present. Eliminating passwords has been the holy grail for a lot of organizations and people over the previous 30 years, and Omdia believes that 2022 would be the yr that we lastly begin to correctly section out passwords.
In terms of infrastructure safety, determining the ‘threat’ of cloud environments was a key matter of curiosity. Distributors resembling Palo Alto Networks, Orca, Wiz, Examine Level, and lots of, many others highlighted tooling to allow deeper understanding of 1’s cloud property, with an growing emphasis on cloud permissions administration as a key focus space.
Working to safe the event course of for creating cloud environments was one other space a lot mentioned, with Infrastructure as Code (IaC) a key sample for reaching vital scale. The broad curiosity in API safety was additionally noteworthy. Specialised distributors resembling Salt Safety, Wallarm, Cequence, and others joined a number of of the cloud safety distributors in including API safety capabilities to their choices.
Wrapping up the important thing subjects round infrastructure safety, it was noticeable how prevalent the conversations round Safe Entry Service Edge (SASE) have been, when it comes to main safety distributors aligning themselves to the broader SASE theme or to its subset often known as SSE. Cisco, Netskope, Versa Networks, Forcepoint, amongst others, demonstrated built-in choices on this area.
Shifting on to SecOps, RSA Convention 2022 will maybe be seen as the primary huge alternative for prolonged detection and response (XDR) distributors to make their case. Quite a few distributors made vital XDR bulletins, together with BitDefender (launching GravityZone XDR answer), CrowdStrike (increasing Falcon’s XDR module), and RSA Group (debuting NetWitness XDR), amongst others. XDR has the potential to revolutionize enterprise menace detection and incident response (TDIR), making it quicker, simpler, and doubtlessly even cheaper to seek out, analyze, and repair cybersecurity threats.
Proactive approaches resembling risk-based vulnerability administration and assault floor administration (ASM) have been additionally within the highlight. It has been clear all through 2022 that ASM merchandise are rapidly changing into an necessary element of broader proactive posture administration methods. The market, significantly for exterior ASM (EASM) options, has been busy with each funding and M&A exercise.