By Dain Oh, The Readable
Aug. 18, 2023 7:20PM GMT+9
Black Hat USA 2023 was pure bliss for those of us who are passionate about cutting-edge security innovation. Before the event, The Readable reached out to more than 70 vendors through hundreds of emails and selected around 20 for in-person meetings. In this article, we’re excited to spotlight the five coolest vendors that we met in Las Vegas last week. Our selections are based solely on their innovative contributions and are not influenced by any sponsorships. This article may serve as a roadmap for our readers to discover the latest trends in the cybersecurity industry. Enjoy the read!
1. Oligo Security
1) Keyword: Runtime application security
2) Editor’s note: Oligo is taking on one of the most daunting challenges in modern software development: securing open-source code. Drawing inspiration from the world of neuroscience, the company is named after the term “oligodendrocyte,” which refers to the protective layer that surrounds each neuron. In much the same way, Oligo focuses on safeguarding the code that is directly involved in the development process, eliminating the need to expend resources on irrelevant lines of code. Oligo’s technology empowers developers to detect vulnerabilities in real time, enabling them to prioritize and address issues within the right context.
3) Introduction by the vendor: Oligo offers the most precise open-source security solution, leveraging runtime application context while maintaining performance and stability. Using Oligo, customers are able to save time and focus on the relevant vulnerabilities that are being used in runtime, thus reducing the workload of responding to security alerts by about 85%. Oligo’s high-resolution detection of malicious activity is based on open-source libraries profiling, which alerts in cases of deviation from the library’s permissions.
2. Veriti
1) Keyword: Unified security posture management
2) Editor’s note: Veriti offers not just another solution, but a unique approach to cybersecurity. By seamlessly integrating with existing protection services at each client site — from firewalls to endpoint detection and response (EDR) systems — Veriti swiftly spots and patches security gaps. With Veriti’s technology, businesses can gain greater control over the security measures they’ve put in place. This holistic strategy not only maximizes the returns on security investments but also enhances visibility throughout the product’s operational lifecycle.
3) Introduction by the vendor: Veriti is a consolidated security platform that maximizes the value of your existing security stack without impacting business operations. It unifies all security configurations into a single, comprehensive language, providing complete visibility into your risk posture, current security gaps, and available countermeasures. Using machine learning, Veriti automatically analyzes all configurations and correlates them with sensor telemetries, security logs, and threat intelligence feeds to generate contextual, actionable insights for the relevant security teams.
3. Mobb
1) Keyword: Fixer
2) Editor’s note: Mobb is in the business of fixing problems. Crowned as the victor of the Black Hat 2023 Innovation Spotlight Competition, Mobb’s automated vulnerability remediation is a beacon for companies inundated with a deluge of security alerts. This emerging heavyweight in cybersecurity collaborates closely with clients, ensuring its fixes don’t disrupt the smooth running of applications. Mobb operates on the principle that security should bolster business growth, not hinder it. Thanks to Mobb’s advanced technology, customers can redirect their focus to critical tasks, slashing vulnerability repair times from hours to mere minutes.
3) Introduction by the vendor: Mobb lets organizations take control of securing applications with trusted, automated fixes that are informed and verified by the developers who own the source code. Organizations are able to act fast to significantly reduce the chances of being impacted by a security vulnerability exploit. CISOs can finally start reporting reductions in vulnerability backlogs, security teams can streamline processes and policies, and developers can quickly execute fixes with more trust and less friction.
4. SafeBreach
1) Keyword: Continuous security validation
2) Editor’s note: SafeBreach was a rockstar at both Black Hat and DEF CON this year. The team was invited to present a total of four research presentations, covering an array of topics from Windows Defender to global transportation payment systems. This research-driven firm provides its clients with a playbook straight from the hacker’s handbook, featuring over 25,000 distinct cyberattacks. SafeBreach empowers its customers with the flexibility to schedule these simulated attacks at their convenience and even handpick which attacks to run, giving them a unique insight into their system’s vulnerabilities.
3) Introduction by the vendor: In 2014, SafeBreach was born with the launch of the industry’s first continuous security validation platform. Our award-winning BAS solution enables modern enterprises to continuously and safely execute attacks, validate and optimize the efficacy of their security controls, and prioritize remediation efforts to mitigate their most critical gaps before a breach occurs. With our Hacker’s Playbook — the industry’s most extensive collection of attack data enabled by state-of-the-art threat intelligence research — SafeBreach empowers organizations to get proactive about security with a simple approach that replaces hope and fear with real-world data and real-time action.
5. CyberGRX
1) Keyword: Third-party risk management
2) Editor’s note: CyberGRX is unlike any other vendor I’ve encountered before. They’ve established themselves as the go-to exchange market for cyber risk assessments. Their platform dramatically cuts down on the manual effort traditionally required by security vendors during the submission of cyber risk evaluations. Once an assessment is uploaded to CyberGRX, vendors can breathe easy, knowing they won’t have to redo the same labor-intensive task for every request. In essence, collaboration and synergy perfectly encapsulate their mission and impact.
3) Introduction by the vendor: CyberGRX provides enterprises and their third parties with the most cost-effective and scalable approach to third-party cyber risk management today. Built on the market’s first third-party cyber risk Exchange, CyberGRX arms organizations with a dynamic stream of third-party data and advanced analytics so they can efficiently manage, monitor and mitigate risk in their partner ecosystems. Based in Denver, CO, CyberGRX was designed with partners including ADP, Aetna, Blackstone, and Mass Mutual, and is backed by Allegis Capital, Bessemer Venture Partners, Blackstone, ClearSky, GV (formerly Google Ventures), MassMutual Ventures, Rally Ventures and TenEleven Ventures.
The cover image of this article was designed by Areum Hwang.
Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expertise in leading media outlets to success. Prior to establishing The Readable, Dain was a journalist for The Electronic Times, a prestigious IT newspaper in Korea. During her tenure, she extensively covered the cybersecurity industry, delivering groundbreaking reports. Her work included exclusive stories, such as the revelation of incident response information sharing by the National Intelligence Service. These accomplishments led to her receiving the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology, a well-deserved accolade bestowed upon her through a unanimous decision. Dain has been invited to speak at several global conferences, including the APEC Women in STEM Principles and Actions, which was funded by the U.S. State Department. Additionally, she is an active member of the Asian American Journalists Association, further exhibiting her commitment to journalism.