The Black Hat USA 2019 cybersecurity conference attracted thousands of IT professionals, researchers, MSPs and MSSPs. Track this live blog from MSSP Alert for the latest news, analysis and chatter throughout the conference.
Our news coverage and analyis, organized below, spans:
Day 1 - Monday, August 5 (below)
Day 2 - Tuesday, August 6 (below)
Day 3 - Wednesday, August 7 (below)
Day 4 - Thursday, August 8 (below)
Day 5 - Friday, August 9 (stay tuned; we'll add meeting recaps soon)
38. Container Security:SentinelOne's latest server and workload protection offering is now available. The new product, purpose-built for containers, including managed or unmanaged Kubernetes systems, delivers SentinelOne’s Behavioral AI and autonomous response capabilities across all major Linux platforms, physical and virtual, cloud-native workloads, and containers, providing prevention, detection, response, and hunting, the company says.
37. Dark Web Scanning: ID Experts has announced the public availability of its new free CyberScan dark web and social media scanning product.
36. Data Protection Portal:Virtru has announced the Virtru Developer Hub, a single development portal to integrate data protection capabilities and ensure the privacy of sensitive data, the company says.
35. Printer Security Bugs: At least 35 significant vulnerabilities in six commonly used enterprise printers have been uncovered, manufactured by HP, Ricoh, Xerox, Lexmark, Kyocera and Brother, according to Threat Post.
34. Endpoint Protection - APIs:Carbon Black has announced customizable API Access Control across the company’s cloud-native endpoint protection platform (EPP). The result: Administrators can select whether individual integrations can read, update, create, or delete certain data across different parts of the platform, the company says.
Black Hat USA 2019: Day 3 News and Analysis
33. Developer Partner Program:ThreatConnect, which offers a security operations platform, has launched a developer partner program. Initially, the Developer Partner Program will launch as a pilot and will only be open to a limited number of vendors. Early partners include Cofense, King & Union, Bandura Cyber, Kaspersky, and BluVector. ThreatConnect expects to fully launch the new program by early 2020, the company says.
32. SIEM and Automated Response:ManageEngine Log360 has extended beyond its SIEM (security information and event management) capabilities to include automated response measures to security incidents, the company says.
31. Integrations: Tenable has expanded its Cyber Exposure ecosystem with new and/or enhanced integrations. Examples include integrations for IT service management (ServiceNow Security Operations), public cloud infrastructure (AWS Security Hub) and SIEM (IBM QRadar).
30. Vulnerability Mapping:Digital Defense has unveiled Frontline Network Map, which offers IT security and operations professionals enhanced visibility of vulnerabilities and threats found on networks of all sizes, the company says.
Continue to page two for Day 2 news.Welcome to page two. Here's the latest...
Black Hat USA 2019: Day 2 News and Analysis
29. Endpoint Security - AI and Zero Trust:BlackBerry has launched BlackBerry Intelligent Security, a cloud-based solution that leverages adaptive security, continuous authentication and artificial intelligence (AI) to enhance mobile endpoint security in zero trust environment, the company says. We're checking to see if or how the technology is related to the BlackBerry Cylance software portfolio.
28. Identity and Access Management (IAM):Ping Identity has launched PingCloud Private Tenant, a private cloud identity solution for the enterprise.
27. Application Security - Oracle & SAP: deepwatch, a managed security services provider, has embraced Onapsis for a managed application monitoring, detection and response solution that protects SAP and Oracle applications, among others.
26. McAfee Partnerships: The McAfee Security Innovation Alliance (SIA) and McAfee CASB Connect Program have gained 13 new partners and six newly certified integrations, respectively.
25. SIEM and Microsoft Azure: Cloud-based SIEM provider JASK has joined the Microsoft Intelligent Security Association (MISA), a group of security technology providers focused on protection, detection, and response. JASK also announced full support for the Microsoft Graph Security API to ingest a data and information related to Microsoft and partners, into its SIEM platform.
24. Cloud SIEM Upgrade: Devo Technology has unveiled a new vision of the company's cloud-based SIEM platform.
23. Security Orchestration, Automation and Response:DFLabs has announced a "series of upcoming enhancements" to its IncMan SOAR platform. Security operations (SecOps) teams will gain an "exquisite user experience, combined with more robust capabilities to better detect, respond to and resolve security incidents," the company claims.
22. Risk Monitoring:CrowdStrike has unveiled CrowdScore -- a "simple metric that enables CxOs to instantly see the real-time threat level their organizations are facing, allowing them to quickly mobilize resources to respond," the company asserts.
21. SOC as a Service and Endpoint Monitoring:Arctic Wolf Networks has launched Arctic Wolf Agent, an endpoint monitoring tool included as a core technology with Arctic Wolf Managed Detection and Response, and Arctic Wolf Managed Risk service offerings. The Arctic Wolf Agent, provided at no additional cost, introduces unified inventory and asset management functionality to "enrich behavior analytics and help eliminate endpoint blind spots that traditional technologies miss," the company asserts.
20. Partnership - Managed Detection and Response: Proficio, a Top 100 MSSP, will integrate its managed detection and response (MDR) capabilities with Qualys cloud-based security services.
19. Partnership - MDR Part Two: Proficio has embraced PatternEx as a Virtual Analyst Platform to detect advanced attacks and to create custom models that target specific attacks faced by Proficio’s clients, the MSSP says.
18. Sysdig Upgrade: Sysdig has unveiled new features for Sysdig Secure, including runtime profiling and anomaly detection with machine learning capabilities.
17. Threat Detection and Response:Secureworks Red Cloak Threat Detection and Response (TDR), a SaaS-based service is now available with a 24/7 service option to help organizations scale their security expertise and defeat cyber adversaries, the company says.
16. Threat Intelligence:Mimecast, an email and data security company, has introduced Mimecast Threat Intelligence -- which offers customers a deeper understanding of the cyber threats their organizations face, the company says.
15. Vulnerability Management:Tenable has unveiled Predictive Prioritization capabilities within Tenable.io and Tenable.sc. for vulnerability management in the cloud and on-premises. The capabilities "accelerate the discovery, prioritization and remediation of vulnerabilities before they are published in the National Vulnerability Database (NVD)," Tenable asserts.
14. Security Analytics and SOCs:Stellar Cyber has launched Starlight3.3, a first Unified Security Analytics Platform that supports (1) AI-based dynamic phishing detection and automated event correlation.
13. Security Forensics:Digital Guardian has launched DG Wingman, s free forensic artifact collection tool for security professionals.
Continue to page three for Day 1 and pre-event news.Welcome to page three. Here's the rest of our Black Hat USA 2019 news and analysis
Black Hat USA: Day 1 and Pre-Event News
12. SIEM & ATT&CK Alignment:LogRhythm has released a module that aligns the LogRhythm NextGen SIEM Platform with ATT&CK, “a curated knowledge base and model for cyber adversary behavior," the company says. The module’s content corresponds with tactics, techniques and procedures (TTPs) as categorized by ATT&CK. LogRhythm will demonstrate the module at the conference.
11. Carbon Black - MSSP Momentum:Carbon Black CEO Patrick Morley points to MSSP partner program momentum ahead of Black Hat.
10. Managed Detection and Response (MDR) and MSSPs: We're aware of numerous announcements that will further blur the line between MDR and traditional MSSP services. Stay tuned for updates.
9. MDR - AT&T: AT&T Cybersecurity will emphasize a new AT&T Managed Threat Detection and Response service at the conference.
8. Security Operations Center as a Service (SOCaaS): We're also aware of numerous announcements that will promote SOCaaS for MSPs and MSSPs to consume; and for VARs and resellers to sell into end-customer settings. Stay tuned for details.
7. Data Lakes and Cybersecurity:Qualys CEO Philippe Courtot, during this week's earnings call, hinted that an announcement or demonstration may surface at Black Hat.
6. Talent - Endpoint Protection: Malwarebytes has hired AlienVault and AT&T Cybersecurity veteran Mike LaPeters to lead the endpoint security company’s channel initiatives. We expect LaPeters to surface at the conference.
5. Talent - SIEM and SOAR: Siemplify has hired Docker, Red Hat and IBM veteran Roger Egan as VP of global sales, MSSP Alert confirmed earlier this week. We're set to meet with Egan and key Siemplify leaders at the conference for more details...
4. Endpoint Protection:enSilo's executives and research experts will brief analysts and media on new capabilities in the enSilo Endpoint Security Platform.
3. MSSP Alert Meetings: We're set to meet with more than 30 MSSPs and cybersecurity companies at the conference.
2. Special Thanks: To the vendor, MSSP and investor community for a record number of meeting invites we received for this show. Our unsolicited meeting invite count now stands at 175 companies.
1. More Updates: Check this this blog entry for news, analysis and chatter updates each day through at least Friday, August 9.
Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.
Russia's invasion of Ukraine features alleged cyberattacks. Follow this Russia-Ukraine conflict timeline for cyber & kinetic warfare updates, and guidance for MSSPs worldwide.