Black Hat USA: Check Point, Varonis Systems, Contrast Security, More

BLACK HAT USA — Check Point Software Technologies, Varonis Systems, Contrast Security, Vectra AI and more unveiled their latest innovations Tuesday at Black Hat USA 2024.

The annual event is expected to bring approximately 20,000 cybersecurity professionals from around the world to Las Vegas. Channel Futures is there.

Check Point’s latest innovations revolve around harnessing AI to secure the workspace and beyond. These include:

Check Point On ‘Leading Edge’ in Threat Prevention

Russ Schafer, Check Point’s head of product marketing for security platforms, said his company is on the “leading edge of all of our competitors” when it comes to threat prevention.

Check Point's Russ Schafer

“The ThreatCloud engines … continue to extend that lead in preventing threats and using AI to do that, so empowering enterprises to leverage AI to protect themselves from threats,” he said. “The other solutions are focused on the workspace. How do we enable users to take advantage of AI and protect their ability to use those tools to get the productivity advantages without getting the downside of losing intellectual property or data? So I think the first two are focused on using the tools that can make you more productive while using those safely. And the other is just, how do we leverage AI to prevent, in general, any threats that are coming to your enterprise from the cybercriminals because they're using AI to attack you. So protecting you and making you more productive, but safely.”

Francisco Criado, Check Point’s vice president of global partner ecosystems, said AI comes up in almost every conversation with partners and customers.

“We're confident it's going to contribute significantly to IT spending,” he said. “Partners are optimistic about it, it's coming up in conversations, and a lot of their customers, as a a percentage of the business, are requesting projects that contain some type of AI. We encourage all of our partners to always be services-led, so as they're developing and maturing their practices around AI. They're creating very specific services. So as they work with their customers, they're helping them adopt, implement, use and optimize these AI solutions. But as we're seeing this rapid adoption of AI across the board, there are pros and cons. There are benefits and there are risks.”

There are “very relevant” conversations that Check Point is empowering its partners to have with their customers around AI, Criado said.

Check Point's Francisco Criado

“The first one is around discovery and assessing the gen AI usage across the organization, so which applications are maybe approved ... and then there might be some shadow applications that they shouldn't be using,” he said. “The second area is preventing data loss. We want to address any type of privacy concerns. And then the third is around regulatory, so meeting regulations and making sure that the customers maintain this enterprise-grade visibility and reporting.”

As customers embrace AI solutions, Check Point is empowering partners to do it in a safe and compliant way so “we can all maximize this opportunity in the market,” Criado said.

“There's risk and reward with AI adoption because those same bad actors are using that AI to help attack and try to compromise environments, while we're defending them through our partner ecosystem,” he said. “So it's an ongoing battle here as we look at this.”

Other New Innovations at Black Hat USA

Also at Black Hat, Varonis Systems, a data security and analytics provider, announced new AI capabilities that enhance its data classification engine.

Using machine learning (ML) techniques, Varonis Systems says it can discover, understand and classify customers’ unique data “better than ever.

Varonis Systems says its next-gen AI data classification offers minimal raining requirements, local data scanning, and transparency and flexibility.

“Every Varonis customer is different, each with its own proprietary data types and formats,” said David Bass, Varonis Systems’ executive vice president of engineering and chief technology officer. “By combining the power of trainable AI classifiers and Varonis’ battle-tested classification, organizations can reap the benefits of multiple techniques for maximum accuracy, performance and cost.”

In another product development, Contrast Security introduced Application Detection and Response (ADR).

With Contrast Security ADR, security teams can identify vulnerabilities, detect threats and stop attacks that target custom applications and APIs. ADR positions defenses inside the application, using real-time application attack data that removes blind spots in the application layer to stop attacks against custom apps and APIs.

Contrast Security said ADR is the “next evolution” in application security (AppSec).

Rick Fitz, Contrast Security's CEO, said companies have invested in detection and response capabilities across endpoint, network, cloud and more, and are gaining even greater security control using extended detection and response (XDR) and next-gen security information and event management (SIEM) solutions.

“But attackers continue to leverage gaps in applications and APIs," he said. "ADR closes that critical gap and blocks many zero-day attacks by removing these vulnerable blind spots.”

Staying Ahead of Attackers

Also at Black Hat, Vectra AI unveiled the expansion of its Vectra AI Platform, which now equips security operations center (SOC) teams to discover and pinpoint where their hybrid environment is exposed to attackers.

The Vectra AI platform's attack signal intelligence now provides a holistic view with analytics to discover, deter, detect and disrupt hybrid attackers.

"At Vectra AI, we are constantly innovating to keep up with the evolving attack landscape and stay one step ahead of attackers," said Hitesh Sheth, Vectra AI’s founder and CEO. " ... We believe that SOC teams must have a view of their active posture to understand their exposure to attackers. With that foundation, they must be armed with the right information to actively seek out and identify active attacks across their networks, identities, clouds and gen AI tools. The Vectra AI platform is rooted in a methodology that integrates security research, data science/ML engineering and user experience focused on one mission: Use AI to deliver accurate attack signal at speed and scale."

In addition, Code42, now part of Mimecast, announced new innovations to its Incydr solution to protect against data exfiltration to generative AI tools.

Code42 Incydr unveils new data visualizations to pinpoint and respond to events where data from sensitive business sources moves to generative AI tools such as ChatGPT, Google Gemini, Claude, Jasper and Perplexity.

“There’s no denying that gen AI tools have revolutionized the way we work – and that they will continue to do so exponentially,” said Dave Capuano, Code42’s senior vice president of product management. “Workers just trying to get tasks done quickly are exposing critical intellectual property (IP) by inputting customer data, source code, financial information and a lot more into gen AI tools without a second thought. Most solutions on the market today are not properly equipped to recognize data exfiltration through gen AI tools, let alone make it easy to address the most critical risks. With its enhanced capabilities, Code42 Incydr allows teams to continue innovating with GenAI, while ensuring security analysts can quickly address data loss events.”

Showcasing Innovation at Black Hat

Also at Black Hat, Apiiro, an application security posture management (ASPM) platform, introduced its Risk Detection at Design Phase to mitigate security and compliance risks before a single line of code is written.

This AI-driven capability analyzes feature requests to identify risks, and initiates security reviews or threat models early in the application development life cycle, addressing potential risks associated with architecture design and security controls; sensitive data handling; user permissions and access management; generative AI technology; third-party integrations; and open source dependencies.

“Amidst the ever-changing complexity of modern software development processes and application architectures, Apiiro is committed to delivering complete risk-based visibility and protection from design to runtime,” said Moti Gindi, Apiiro’s chief product officer. “This first-of-its-kind functionality leverages the power of AI to ensure customers have the context required to facilitate efficient security reviews and evolve from a reactive to a proactive approach to application security.”

And finally, Flashpoint unveiled the release of new features and capabilities to its flagship platform, Flashpoint Ignite, and Echosec, its location intelligence solution.

With Ignite, organizations can identify, prioritize and mitigate the threats that matter most.  The latest advancements to Ignite include Investigations management and intelligence requirements.

Echosec helps organizations manage and monitor their distributed, location-based assets, maintaining visibility and situational awareness of potential threats. The latest advancement is location protection, which allows identification, analysis and response to mitigate risks that could disrupt operations, compromise safety or impact business continuity.

"The threat landscape is constantly evolving, with a barrage of increasingly sophisticated threats and complex attack vectors challenging security professionals," said Josh Lefkowitz, Flashpoint’s CEO. "At Flashpoint, we are dedicated to continuous innovation to make threat intelligence easier and more effective with the best data and intelligence. The advancements we’re showcasing at Black Hat USA 2024 with our Flashpoint Ignite and Echosec solutions underscore our commitment to empowering our customers with the actionable and personalized intelligence they need to navigate these challenges, make mission-critical decisions, and protect their people and assets.”