The RSA Conference, held in San Francisco from May 6-9, brings together cybersecurity professionals from across the world. This year’s conference is buzzing with conversation about generative AI: how to use generative AI to protect against attacks and how to secure generative AI itself.
We’re rounding up the enterprise business tech news from RSA that is most relevant for IT and tech decision-makers. This article will be updated throughout RSA with more tech news highlights.
Google updates Google Security Operations and more with Gemini AI
Google is combining the security capabilities of information security company Mandiant and malware scanner VirusTotal with Gemini AI and Google’s own user and device footprint in a new offering called Google Threat Intelligence. Available May 6 wherever Google Cloud Security is distributed, Google Threat Intelligence uses Gemini AI to get a top-down look at security data, competing with Microsoft’s Copilot for Security.
In addition, Google announced:
- New curated detections for Google Security Operations that are designed to reduce manual processes and suggest outcomes relevant to the wider Google Cloud and updated to include recently-detected threats.
- AI consulting services from Mandiant, which can red team both an organization’s AI defenses and how an organization’s security could be compromised by AI.
- New services taking advantage of Gemini in Security.
Microsoft enhances Copilot for Security, Defender XDR, Sentinel and Purview
As part of RSA, Microsoft announced a variety of new tools and features for Microsoft Defender XDR, the security solution portal. Security researchers using Defender XDR can now:
- See insider risk information.
- Use native operational technology protection, which enables them to manage OT and industrial technology control system vulnerabilities right in Defender XDR.
- Take advantage of new tools with AI for disrupting compromised users, including in cases where attackers have compromised an individual account using leaked credentials, credential stuffing or guessing.
Microsoft Purview can now spot vulnerable AI touchpoints
In Purview, the AI Hub is now available in preview. The AI Hub reveals which sensitive data might be shared with AI applications including Microsoft Copilot, highlighting possible risks. The AI Hub will also highlight whether your AI deployments are compliant with major regulations and standards such as the EU AI Act and NIST AI Risk Management Framework.
Sentinel SOC Optimizations suggest cost-saving measures and more
Microsoft Sentinel will now include SOC Optimizations, that guide security personnel through managing costs, increasing the value of data and improving defenses.
Integrations added to Microsoft’s Copilot for Security AI assistant
Microsoft Copilot for Security now integrates with Purview, Azure Firewall, Azure Web Application Firewall and select new partner plugins.
IBM and AWS research: Generative AI’s unpredictable risks worry the C-suite
IBM and AWS published a report during RSA on how executives are thinking about securing generative AI. The report found that fewer than a quarter (24%) of respondents said they are including security as part of their generative AI projects — possibly a sign that hyperscalers have a niche to step into as the business of securing AI projects becomes more mainstream.
Most respondents were concerned about generative AI’s effect on security, with 51% saying they were worried about unpredictable risks and new security vulnerabilities arising, and 47% watching out for new attacks targeting AI. IBM pitched its Framework for Securing Generative AI, which was released in January 2024, as a solution.
Risk and governance frameworks will be key to help secure generative AI, IBM and AWS found in the report. In addition, IBM is extending its X-Force Red testing services to AI, including generative AI applications, MLSecOps pipelines and AI models.
SEE: It’s open season on Adobe’s Firefly and Content Credentials for select bug bounty hunters. (TechRepublic)
McAfee Deepfake Defender will flag fake videos
As Intel is making its Core Ultra PCs ready for onboard AI, McAfee has partnered with Intel to detect misinformation and deepfakes. Using the neural processing unit (also known as an AI accelerator), McAfee Deepfake Detector will flag photorealistic AI-generated videos.
Deepfake Detector was first revealed in January at CES. On May 6 at RSA, McAfee detailed that Deepfake Detector is expected “soon,” starting in English and expanding to other languages.
Proofpoint adds AI screening to email security products
At RSA, Proofpoint announced two novel email security services:
- Pre-delivery semantic analysis, the large language model-based detection of social engineering emails to stop email fraud or malicious links before they reach Microsoft 365 and Google Workplace inboxes.
- Adaptive Email Security, an Integrated Cloud Email Security solution with automatic quarantining and explanation of behavioral anomalies for high-value targets.
Both of these email security services are available May 6. Adaptive Email Security is available only on a rolling basis for select customers who already have standard email security packages and have identified high-risk employees.
Cisco and Splunk expand Cisco Hypershield
On May 6 at RSA, Cisco showed one of the first results of its March acquisition of Splunk. Cisco added two capabilities to its Cisco Hypershield data center and cloud security product, which can now:
- Detect and block attacks from unknown vulnerabilities within runtime workload environments.
- Isolate suspected workloads.
Cisco also announced that Cisco Identity Intelligence AI analytics are now available in the Cisco Duo security platform, adding specific tools to catch identity-based attacks.
Splunk announced on May 6 a new asset and risk intelligence solution called Asset and Risk Intelligence. Splunk Asset and Risk Intelligence is now in early access.
TechRepublic is covering RSA remotely.