It was another busy day today at the annual Black Hat USA 2024 conference in Las Vegas, as cybersecurity companies 1Password LLC, ArmorCode Inc., Legit Security Ltd. and NetRise Inc. al made product announcements aimed at enhancing the cybersecurity posture of their respective customers.

Leading the list was 1Password, which announced new capabilities that will allow more organizations to secure their workforce, including integrations with Microsoft Entra and Google Workspace, new capabilities for managing and detecting shadow information technology and simplified login management.

The new integration with Microsoft Entra is part of a deepened strategic partnership with Microsoft Corp. Entra now integrates with 1Password XAM to allow customers of both companies to secure devices by monitoring device health in real time to identify and remediate device compliance issues before permitting access. 

The new capabilities on offer include an expansion of 1Password’s Device Trust service to Entra and Google Workspace. There are also new features in the company’s Application Insights offering that provide IT and security teams visibility into unmanaged applications. In addition, an enhanced User Identity service helps with lifecycle management. And additions to the company’s Universal Sign-On deliver a unified login experience across both managed and unmanaged applications.

ArmorCode’s Black Hat announcement sees the application security posture management company announcing the general availability of AI Remediation. The new service helps resolve issues faster, puts security expertise in the hands of developers and reduces DevSecOps friction.

AI Remediation, offered as part of the ArmorCode artificial intelligence-powered ASPM Platform, uses a custom, highly trained large language model trained on security vulnerabilities and potential remediation actions. It generates a set of recommendations for a given vulnerability, with the results prioritized by the most meaningful and impactful approaches. The LLM is hosted within the ArmorCode environment and persists only for the duration of a session to protect proprietary data.

Also offering ASPM services, Legit Security announced AI Security Command Center. It’s a new dedicated AI security dashboard that provides security teams with a unified console to gain visibility to AI used in development and defend against cyberattacks exploiting AI-based applications.

With the addition of the Legit AI Security Command Center, customers are said to gain a powerful, centralized console to manage their AI application security posture. The tool enables application and product security teams to monitor, triage and report on AI attack surfaces, preventing risky AI models from compromising their development environments.

The new service continuously inventories and assesses AI models across various developer communities, dynamically flagging and enforcing AI security policies when new risks emerge, the company says. Additionally, AI Security Command Center offers an enhanced AI risk correlation engine that prioritizes and triages malicious and vulnerable AI models based on severity while seamlessly integrating with ASPM workflows to address AI security issues across all stages of development.

Finally, Netrise announced a significant expansion of its Extended Internet of Things platform, with support for the analysis of containers and Windows software assets. The expansion delivers organizations comprehensive visibility across their software supply chain and allows product and information security teams to inventory and control software assets and proactively respond to security risks.

Key new capabilities include machine learning-based software composition analysis. It identifies software components using proprietary algorithms without traditional package manifests, plus enhanced software extraction and decomposition for analyzing components in various formats. Additionally, the platform provides detailed component and dependency information using a simple file hash and generates comprehensive dependency graphs through intelligent dependency mapping.

Image: Black Hat USA