Interviews | June 21, 2024

AI is Aiding the Rapid Proliferation of Cyber Threats


Axonius | Broadcom | RiskRecon | Sysdig | Trend Micro

Ido Livneh
VP of Product

Axonius

Q1. How does Axonius plan on utilizing the $200 million it raised in Series E funding earlier this year?

Axonius achieved $100M annual recurring revenue in 2023 in only 4.5 years, making us one of the fastest and most efficient cybersecurity companies to ever reach this milestone. With this latest round of funding Axonius received, we will continue to scale our global reach and product innovation for explosive growth that will benefit our customers worldwide. Axonius is the only company to offer a combined solution for Cyber Asset Attack Surface Management (CAASM), SaaS Security Posture Management (SSPM), and SaaS Management Platforms (SMP). As the system of record for all digital infrastructure, Axonius solves foundational challenges for security and IT teams in any industry. Axonius is consistently adding richness to our platform. Over the last 12 months, we’ve announced three significant product releases including numerous critical capabilities and new modules and added hundreds of new integrations and enforcement center actions to drive consistent and automated responses. This funding will allow Axonius teams to continue investing in our enforcement capabilities, strengthening automated responses, building deeper integrations through our adapter catalog, and extending into new use cases and market categories.

Q2. How is the growing adoption of cloud computing, containerization and other modern technologies complicating the challenges associated with cybersecurity asset management? What steps is your company taking to ensure that your platform can effectively discover, monitor, and secure these assets?

This adoption only underscores the need for Axonius and truly comprehensive cybersecurity asset management. The approach we introduced to the market by leveraging adapters to deeply integrate across an organization’s entire ecosystem of applications, devices, and tools proves to be the way to approach asset management. IT and security teams cannot rely on a single source for a complete view of an asset (or collection of assets), since individual tools can only provide a myopic view. Each solution provides different data about the asset that the solution manages. The depth and breadth of Axonius adapters make it easy to aggregate and correlate data from many solutions for greater data accuracy and context for all assets. Axonius customers get immediate value as they’re able to connect to 1,000+ adapters (pre-built integrations) and also leverage hundreds of pre-built automated actions. This provides a holistic and highly contextualized view of every asset in the inventory and enables teams to understand and optimize their environments faster without installing additional agents.

By connecting to these data sources and aggregating, normalizing, deduplicating, and correlating data about all kinds of assets, incl. devices, identities, cloud, software, SaaS applications, vulnerabilities, security controls, and their interrelationships, customers can fully trust what they see, and act on that: ask questions, get answers, and automate remediation action. Axonius enables IT and security teams to not only discover, monitor, and secure these assets, but also mitigate threats, navigate risk, decrease incident response time, reduce your attack surface, simplify workflows, and more.

Q3. What insights or innovations does Axonius plan to showcase at Black Hat USA 2024? What can attendees expect from your company at the event?

Axonius is thrilled to further showcase the capabilities of the Axonius Platform in tackling fundamental challenges and driving measurable (and continuous) risk reduction across their businesses. At our booth, attendees can connect with our exceptional team and participate in a custom demo, demonstrating the power of Axonius in addressing their specific challenges and pain points and delivering comprehensive asset visibility, risk identification, and automated remediation to effectively reduce risk.


Jason Rolleston
Chief Product Officer, Enterprise Security Group

Broadcom (formerly VMware Carbon Black)

Q1. How will the recent merger of Symantec and Carbon Black benefit enterprise customers of both companies? Where do you see the biggest opportunities for innovation resulting from the synergy between the two companies?

Symantec’s portfolio encompasses some of the best security technology and research in the world with a concentration on data and network protection, while Carbon Black’s complementary portfolio specializes in endpoint detection and response (EDR) and application control. Both Symantec and Carbon Black solutions have long-prioritized a data-centric approach to security, with DLP at the center of Symantec’s acuity models and rich endpoint telemetry at the core of Carbon Black. Integrating data, endpoint, and network telemetry across the portfolio will enable greater visibility and control for our customers while Carbon Black can leverage Symantec’s industry-leading Next-Generation AntiVirus to enhance detection and response.

The Enterprise Security Group and our partners will also continue to provide superior customer service while increasing dedicated resources and focused support for our customers. Broadcom's focus on investing in R&D will continue to drive security innovation like our AI-trained Adaptive Security capabilities that protect customers against highly sophisticated, targeted attack strategies increasingly employed by organized ransomware groups.

Q2. You recently mentioned that Broadcom plans to make significant investments in Symantec and Carbon Black going forward. In what areas does Broadcom plan to make these investments?

Broadcom is an innovation-centric company that maintains a consistent and rigorous pace of development fueled by R&D investments well-above its industry peers. This level of investment and culture of innovation will initially continue to improve the products our customers are using both on-prem and across hybrid clouds while identifying and integrating complementary technologies from both Symantec and Carbon Black that can benefit the portfolio.

We’re also investing in go-to-market activities, like our sponsorship of Black Hat, to keep the market updated about our incredible technical innovations and customer successes. While increased investments with our key partners will deliver industry-leading customer support and service to help our customers maximize their defenses across endpoints, networks, clouds, apps and data. All backed by one of the largest and threat intelligence networks on the planet.

Q3. What do you want attendees at Black Hat USA 2024 to know about Broadcom's new Enterprise Security Group?

Innovation is and always has been the lifeblood of both Symantec and Carbon Black. As Broadcom’s newly formed Enterprise Security Group, we’re committed to redefining what’s possible in cybersecurity. Leveraging the most talented teams, backed by some of the most in-depth threat research on the planet, we are developing innovative solutions to meet the ever-changing threats our customers face. As we look ahead, we have a clear vision to build a secure digital world. And we are more determined than ever to make it a reality. The best is yet to come.


Rigo Van den Broeck
Executive Vice President, Cyber Security Product Innovation

RiskRecon, a Mastercard company

Q1. What were the main takeaways from RiskRecon's recent study on the cybersecurity preparedness of 271 cities across the US? What were some of the biggest changes from the previous study that RiskRecon conducted of these cities, in 2021? What remains unchanged?

For the past three years, RiskRecon, a Mastercard company, and leading provider of cybersecurity ratings and assessments, has been analyzing 271 of the most populated cities across the U.S. to better understand their cybersecurity posture and ultimately their cyber risks and the risks of their third and fourth parties. The sample included the five most populated cities from each state (excluding inhabited territories and including the ten most populated cities for California, Florida, New York, and Texas, and the District of Columbia).

These cities were first evaluated in August 2021 and were assigned ratings based on their performance across nine security areas, ranging from application security to web hosting. In 2022 and in 2024, we assessed the same sample to determine what, if any, changes had occurred in their cybersecurity performance.

What’s changed over time?

August 2022

  • An additional 6% of the cities evaluated improved their overall rating to either an A or B rating from 2021. Therefore, 69% (187) of cities fell into A and B ratings, indicating that their information security programs may be sufficient to protect their data assets.
  • There were 6% fewer cities receiving an overall rating of C or below. Therefore, 31% (84) of cities have C or below ratings, and only one city had an F rating, indicating that there may be security gaps present in systems that could potentially result in data compromise.
  • The average overall rating improved to 7.7/10, an improvement from 2021’s 7.3/10 average cybersecurity rating for all city governments.

January 2024

  • An additional 19% of the cities evaluated improved their overall rating to either an A or B rating from 2022. Therefore, 82% (221) of cities fell into A and B ratings, indicating that their information security programs may be sufficient to protect their data assets.
  • The average overall rating improved to 8.1/10, an improvement from 2022’s 7.7/10 average cybersecurity rating for all city governments.
  • Although our continued research into U.S. cities shows improved overall security rating – indicating better cyber hygiene – these cities shouldn’t let their guard down. This is because city governments and the public infrastructure they protect are increasingly targeted by highly advanced bad actors who are often politically motivated.

Several reports and research, whether from Mastercard or elsewhere in the cybersecurity industry, consistently identify several top contenders for contributing to a breach. Among those is outdated software, which often leaves organizations vulnerable to cyber-attacks through unpatched entry points. However, with an automated security assessment monitoring tool like RiskRecon TPRM, organizations can quickly detect, prioritize, and act on unpatched issues from uncovered outdated software.

Q2. What are some of the biggest challenges that organizations face when it comes to securing the software supply chain? What should they be doing to enable and to ensure that suppliers, partners and other third parties are in compliance with internal and regulatory requirements?

In the mass outsourcing of systems and services to third parties, organizations have dramatically increased the scale and complexity of their risk surface. And as the number of digital connections between consumers, businesses, and governments grows exponentially, monitoring this complex web of connections can be overwhelming.

This makes third-party risk management a crucial component to securing an organization’s overall digital ecosystem. In fact, a study on “The State of Third-Party Risk Management” by RiskRecon, a Mastercard company, and Cyentia Institute reveals that companies are critically dependent on third parties, trusting them with their most sensitive data and operations functions. The survey found that on average, respondents said that 31% of their vendors could have a critical impact on their organization if breached, while 25% claim that half of their entire network could trigger severe impacts.

This is where Mastercard Cybersecurity fits in. Just as business risk grows and evolves, so do our efforts to combat them. Today – thanks to our evolving technology – it is possible to defend against threats you don’t expect, and before they happen. To do this we have our three core pillars of Mastercard Cybersecurity: Assess, Protect and Organize.

First, we assess a business's cyber risk exposure identifying where they and their supply chain are vulnerable, making them to emerging risks and threats. We do this by continually monitoring third-party business relationships and other data trends and constantly innovating to stay ahead of emerging threats.

Second, we protect businesses from cyber-attacks thanks to our innovative solutions which help secure the digital ecosystem. At Mastercard we are constantly innovating to protect businesses across the world from cyber threats and using our AI threat protection we can now stop an active attack in under 15 seconds.

Finally, we organize data at a macro level using our AI powered technology to help stakeholders enhance their cybersecurity throughout their business and supply chains, raising the performance of the tools and teams that together keep business and governments safe.

Q3. What is the primary focus of Mastercard Cybersecurity at Black Hat USA 2024? What are you hoping customers and other attendees will take away from Mastercard Cybersecurity's presence at the event?

Our primary focus at Black Hat USA 2024 is to 1) build awareness of the Mastercard Cybersecurity brand, 2) provide an understanding of Mastercard’s innovative leadership in digital security, and 3) highlight our key product solutions and broader capabilities in this space including RiskRecon TPRM, RiskRecon Threat Protection, and Cyber Quant, to name a few.

At Mastercard we have decades of experience tackling cybercrime, and we believe we need to work together to continue building resilience across the digital ecosystem. This is why we have active memberships in over 45 regulatory, law enforcement, non-profit, advocacy, academic, and industry associations globally.

We also believe that to completely secure the digital economy – we must all share the goal to protect every interaction beyond the transaction – across all industries – at all levels of the supply chain. If the Black Hat attendees walk away with this understanding, we’ve done our job.


Shantanu Gattani
VP Product Management

Sysdig

Q1. How will customers benefit from Sysdig's recently announced Runtime Insights Partner Ecosystem initiative? What business or security issue is it that Sysdig plans to address via the program?

One unique Sysdig feature is our ability to pull real-time insights from runtime and use them to help make better-informed security decisions across the software lifecycle. No one else comes close to the level of visibility we provide, nor can they match our real-time pace.

The Sysdig Runtime Insights Partner Ecosystem fosters enhanced integration and collaboration between leading cybersecurity solutions so customers can reap the benefits of our real-time runtime insights regardless of their workflow. Sysdig enables ecosystem partners to help security teams prioritize their most critical security issues by focusing on what’s in use. By leveraging this in-use context, such as vulnerabilities and permissions, users can quickly and efficiently home in on vulnerability management, posture management, entitlement management, and threat detection and response. In turn, many ecosystem partners provide critical data sources, like cloud, identity, and git logs, that enable Sysdig to detect threats and provide critical cloud security insights across multiple domains.

By partnering with the best of the best, our Runtime Insights Partner Ecosystem enables customers to keep pace with the speed of the cloud. In the last year, we announced AI Workload Security for AWS AI Services, integrated with Snyk AppRisk Pro to quickly and accurately assess runtime vulnerability risk, were named 2024 Google Cloud Technology Partner of the Year for Security, launched an integration for Docker Scout using runtime insights to prioritize risk, and more.

Security is plagued with siloed security tools and fragmented solutions. This initiative provides a cohesive and integrated security approach by linking various security solutions and domains, such as AppSec, threat detection, incident response, identity management, and beyond. A connected ecosystem like the one we’ve built enables faster and more efficient detection, analysis, and response to security threats, outpacing the speed and sophistication of cloud attacks and providing comprehensive protection against threats.

Q2. How exactly are generative AI technologies complicating the cloud security challenge for enterprise organizations? What is it going to take for organizations to mitigate AI risk in cloud environments?

You’re throwing a loaded question at me — where to begin!?

Cloud attacks are fast. The Sysdig Threat Research Team found they can happen in 10 minutes. Think about how quickly 10 minutes can pass. Just as AI and automation unlock greater speed and efficiency for businesses, they’ve become productive “co-pilots” for malicious actors, too. Attackers’ use of AI has significantly improved the speed, number, and success rate of attacks. At the same time, we’ve seen a 33x increase in vulnerabilities in the last eight years and a growing reliance on open source code, and both happening as security bodies’ budgets are being slashed.

While on the one side, AI is aiding the proliferation of threats, the risk of AI workloads themselves is the other side of the AI security coin. The need for greater speed and business efficiency has led to an increased deployment of AI workloads on platforms like Kubernetes. Large language models (LLMs), a core component of GenAI applications, require significant resources and are 35% more likely to be publicly exposed than other workloads. This increased exposure amplifies the risk of security breaches and leaks of an organization’s most sensitive data.

We approach security for AI the same way we’ve approached cloud security: with a focus on what is active in runtime to prioritize true risk and harden security posture proactively. However, organizations must also be realistic. There will be another zero-day vulnerability, perhaps aided by GenAI, so they need the right tools and processes to identify an attack instantly and respond within minutes.

By prioritizing active risks associated with AI workloads and having comprehensive visibility and control over AI deployments, you can mitigate your risk. Sysdig AI Workload Security empowers security teams to identify and prioritize AI workloads, detect suspicious activities, and address vulnerabilities in real time.

Q3. What can customers and other organizations expect to see and hear from Sysdig at Black Hat USA 2024? Do you plan on hosting anything similar to last year's "Honeypot Hack" this time around?

Sysdig will be one of the first things you see when you arrive at Mandalay Bay and pick up your badge — we’re excited to connect with everyone. You’ll also find us in the convention center at booth 1750.

This year we’re laser-focused on demonstrating the value of real-time cloud security and connecting our Threat Research Team with attendees interested in understanding why cloud attacks are different. Sysdig TRT has made groundbreaking discoveries like SCARLETEEL, SSH-Snake, LLMjacking, and more. From harvesting and exploiting AI credentials to a decade-long Romanian botnet outfit, TRT has been uncovering cybercrime and fortifying the Sysdig platform at a remarkable pace. Members of the Threat Research Team will be on-site at Black Hat and look forward to sharing more about their work.

Beyond threat research, we’re excited to talk to attendees about the /555 Benchmark for Cloud Detection and Response and the speed of the cloud. As I mentioned, last year our Global Cloud Threat Report found that cloud attacks were conducted in 10 minutes or less. /555 outlines how quickly organizations should detect and respond to cloud threats — 5 seconds to detect, 5 minutes to investigate, and 5 minutes to respond — and it explores the change in both mindset and process required to meet its demands.

We’re also excited to unveil a few new Sysdig announcements. I won’t give away too much, but among these are: cloud-native investigation and identity security capabilities that empower customers to deliver 5-minute investigations; harnessing the power of AI with Sysdig Sage for threat detection that equips customers to respond in 5 minutes; and updates to the industry’s most comprehensive instrumentation that unlocks complete cloud coverage (including hybrid and multi-cloud environments!).

For the Honey Pot Hack game, I guess you’ll have to stop by the booth to see what we’re cooking.


Rachel Jin
Vice President of Product Management

Trend Micro

Q1. How is Trend Micro leveraging AI to enhance endpoint security? You were recently quoted as saying Trend Micro’s approach is "AI for security" and "security for AI." What exactly does that mean?

The dual approach of "AI for security" and "security for AI" means that Trend understands the importance of both using AI to improve security and securing AI itself. "AI for security" is our strategy that refers to the use of AI to enhance cybersecurity efforts, including enriching risk management, accelerating detection and response including for zero-day threats, automating threat hunting, and amplifying protection capabilities within the Trend Vision One platform.

On the other hand, "security for AI" focuses on securing AI usage to mitigate security risks, maintain data integrity, prevent sensitive data exposure, detect unsanctioned usage, and ensure regulatory compliance. It also includes defending against adversarial uses of AI technology, such as deepfakes.

We believe this comprehensive strategy is essential for providing complete cybersecurity solutions for the future. The Trend Vision One cybersecurity platform is designed to protect organizations and individuals across clouds, networks, devices, and endpoints, with a powerful range of AI-enabled threat defense techniques optimized for diverse hybrid IT environments.

Q2. A recent Trend Micro survey found many CISOs are suffering from a credibility gap in the boardroom. Why is that a concern and what should they be doing to address the issue?

One of the critical functions of the board of directors at any organization is to understand and manage risk. Cyber risk is becoming an ever more important element of business risk, but many business leaders still treat it as part of IT. Four out of five IT leaders surveyed by Trend said they believe that board members won’t adapt to this new reality until it’s too late, and a major breach has already occurred. The key to bridging this gap is to communicate more effectively with executives about cyber risk. Development of IT communications skills is important to accomplish this, but it may also be achieved with the help of an attack surface risk management platform that provides digestible and meaningful risk insights.

Q3. How does Trend Micro plan on leveraging its presence at Black Hat USA 2024? What technologies, trends or topics does your company plan on highlighting at the event?

Trend will showcase its latest advancements in cybersecurity solutions driven by AI as well as how we are securing AI. AI enables us to enhance threat detection and response capabilities and shape the future of cybersecurity, but also comes with its own security risks. That’s why we’re also focusing on securing customers’ AI data centers, AI workload, and overall AI usage. We’ll demonstrate how AI is integrated into Trend Vision One™, the industry’s broadest cybersecurity platform, to provide proactive and comprehensive security measures and empower organizations to operate with less risk across all environments.
