The RSA Conference in San Francisco: the biggest security event in the world! Weren’t able to attend? No worries! Let me summarize the biggest innovationfor you.
Together with more than 40 000 security professionals, we visited this immense exhibition during which we participated in multiple presentations, meetings and discussions. Last year’s main topic was the rise of the next generation endpoint security solutions. This year, the importance of endpoint security was highlighted even more.
Behavior analytics, both user and network, will be used more intensively. This is mostly based on Artificial Intelligence, combined with automated response. This combination will bring your security to the next level.
Artificial Intelligence and Machine Learning are very popular marketing terms nowadays, almost every vendor claims to have the perfect solutions based on these techniques. The main question, however, is how to separate the wheat from the chaff? Integrating these facilities is not easy, so be wary when a company suddenly announces to have incorporated them. Those who have already been using machine learning for years are more reliable.
Moving to the EDR
Many end point security vendors are moving to the EDR (Endpoint Detection and Response) space in order to gain more insight into what is happening on those endpoints. How does it work? They use techniques that record all activities on the endpoint in order to allow filtering; and to correlate suspicious and malicious activities automatically. That way, malicious behavior is detected and potential malware is blocked. It enables us to see what kind of malware we are dealing with, who is responsible and how it entered the organization. These are very effective and useful solutions which will definitely be added to our Managed Services. We will provide Managed Detection and Response (MDR) services, a new category defined by Gartner.
User Entity and Behavior Analysis (UEBA)
Other interesting solutions focus on User and Entity Behavior Analysis (UEBA). They are used to monitor the user’s behavior. Amongst others, they check whether the identity of a user is compromised, if a user is trying to exfiltrate data from the network or if he is trying to copy large amounts of data to external storage.
These solutions and insights will definitely help us to stay on top of all evolutions in the industry. That is why we visit the RSA Conference every year. It has been a very intense week filled with meetings and exhibitions, but it was definitely worth our while.