Follow

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use

RSAC 2024 reveals the impact AI is having on strengthening cybersecurity infrastructure 

This year’s RSAC 2024 was like a Formula 1 race, complete with 40,000+ fans and new technologies focused on greater acuity, accuracy, speed and visibility. Vendors are seeing AI, visibility (ideally to the kernel level), and hardware acceleration made possible by stepwise gains in graphics processing units (GPUs) and data processing units (DPUs).  

Drafting behind Nvidia’s momentum in hardware acceleration is the racing strategy of choice for everyone from hyperscalers, platform providers, best-of-breed apps and startups. GPUs and DPUs contribute high-octane fuel to new generative AI platforms, large language models (LLMs), apps and tools making it possible to move beyond limited gen AI chatbot use cases into infrastructure-level challenges. Cisco, CrowdStrike, Commvault, Microsoft, Palo Alto Networks, SentinelOne, Splunk and many others say hardware acceleration is a strong influence on the future of cybersecurity.    

Improving accuracy, speed and visibility of threat data was a core message of RSAC 2024. Of the many keynotes mentioning applying genAI to the challenges of automating SOC reporting and streamlining workflows, CrowdStrike’s president, CEO, and co-founder George Kurtz, keynote Next-Gen SIEM: Converging Data, Security, IT, Workflow Automation & AI summed it up well. “It can take days to ingest data can take days to actually get through queries. So if you want to find and investigate an alert, you can’t be waiting days, particularly when you’re trying to triage an incident and it all goes back to that concept of how do you bend time and how do you actually move faster than the adversary,” said Kurtz during his keynote. 

Enabling more adaptive, secure data center infrastructure is the goal 

The combination of AI, visibility and hardware acceleration opens up opportunities for vendors to take on far bigger challenges. At the top of the list are what many CISOs and CIOs consider their most dreaded and riskiest project from a career standpoint: revamping legacy data center infrastructures to make them more efficient and secure.  

“But the reality is, as you see application and infrastructure change there’s a couple of things that still remain very hard. Securing these applications is pretty hard, and securing the infrastructure is even harder,” Jeetu Patel, executive vice president and general manager of Security and Collaboration for Cisco, told the audience at his co-presented keynote with Tom Gillis, senior vice president, and general manager of Cisco Security, The Time Is Now: Redefining Security In the Age of AI. Patel and Gillis’ keynote provides the clearest narrative provided at RSAC 2024 of how the industry is trying to combine AI, visibility and hardware acceleration.  

What CISOs were talking about at RSAC 2024  

VentureBeat’s briefings and discussions with CISOs and CIOs found strong interest in cloud security, cloud-native application protection platform (CNAPP), container security, endpoint security, IAM (identity access management), risk management, SASE (secure access service edge), extended detection and response (XDR) and zero trust. 

Additional noteworthy announcements at RSAC 2024 included the following:  

Google launches Threat Intelligence, combining Mandiant’s frontline security expertise with VirusTotal’s user network and Google’s data analytics of indicators of compromise from devices and emails. Capitalizing on its core strengths to launch a competitive service into the cybersecurity market, Google launched its Threat Intelligence solution at RSAC 2024 last week. Gemini 1.5 Pro is integrated into Google Threat Intelligence, enabling conversational searches across threat data repositories. Google promises organizations advanced malware analysis and automated data enrichment by monitoring global threats through crowd-sourced and human-curated intelligence. 

Palo Alto Networks launched a series of copilots for Strata, Prisma, and Cortex Platforms, enhancements to Cortex XSIAM, and their Precision AI initiative, including a new security bundle.   Copilots for the Strata, Prisma, and Cortex Platforms were introduced to improve productivity and outcomes through natural language processing queries by SOC analysts and teams. Prisma Cloud AI-SPM was also introduced, providing capabilities to reduce risks in AI environments, with a focus on model risk and data exposure. Enhancements to Cortex XSIAM include an integrated AI-driven security operations platform, improved cloud detection threat analysis, and a BYOML framework for creating custom ML models. The Precision AI Security Bundle uses machine learning, deep learning, and generative AI to combat advanced threats such as web-based and zero-day attacks, as well as DNS hijacking. AI Access Security offers robust controls and proactive threat prevention. AI Security Posture Management (AI-SPM) improves AI ecosystem security by identifying vulnerabilities and misconfigurations. AI Runtime Security protects AI-powered applications against threats like prompt injections and model DoS. 

 

Content Courtesy – Venture Beat