RSA Conference 2024: AI and the Future Of Security

The first week of May saw security practitioners from all over the globe come to the city by the bay to participate in RSA. In 1991, just a handful of security researchers got together for a single panel discussion about DES versus DSS. From those humble beginnings, the event has grown to over 41,000 participants, more than 500 sessions, panels, and trainings, and over a dozen co-located events, each with their own schedules and sessions.
In the following three sections, I will try to encapsulate a small part of the sessions, the RSA Sandbox experience, and the view from the massive expo floor that makes up the event.
The Sessions at RSAC A focus on AI from a governance and tooling perspective.
Day one of RSA once again brought the co-located event from Techstrong: DevOps Connect.
Starting things out though, was a look at how we can shape the future of AI and LLMs from a futurist and Hugo and Nebula-winning author, David Brin.
We can learn from nature and the evolution of human society to find solutions to keep AI in check, even while AI is very rapidly becoming more sophisticated.
Some more advanced cyber defense use cases included using an LLM to decode Russian cybercrime jargon and analyze complex IaC and IAM configurations.
Given the nature of LLMs, you can not predict the outcome AI produces; it is non-deterministic.
This makes observability and governance all that more important, as we need to ensure we are not causing harm to users.
If there is a silver lining in their research, it is that Security budgets are not being decreased, as in money is being subtracted from their budgets.
The more you invest in your team and make them feel there is a career path available, the more likely they are to stick around, which is good for everyone.
While sessions at RSAC are a great way to learn, many attendees want a more hands-on experience.
Based on our research 27% of IT decision-makers say they rely on exactly this approach, and many of the security practitioners who sat down with us at RSA admitted they had never tried it themselves.
Every player had at least one false positive or negative, often more.
With the generous feedback we received, stay tuned for more news about this exercise at future AppSec Villages.
Others are much more humble and provide just enough space for a few representatives to give quick demos of their tech.
We met hundreds of folks over the course of the conference and got to catch up with so many familiar faces, sometimes for the first time in person.
We are very proud to have had the chance to show it off along with our other advancements since the last RSA Conference.
Beyond all of those parts, RSA Conference 2024 was about coming together as humans to try to get a handle on security.
This is a Security Bloggers Network syndicated blog from GitGuardian Blog - Code Security for the DevOps generation authored by Dwayne McDaniel.


This Cyber News was published on securityboulevard.com. Publication date: Sat, 18 May 2024 08:43:05 +0000


Cyber News related to RSA Conference 2024: AI and the Future Of Security

CVE-2022-20866 - A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This ...
2 years ago
RSA Conference 2024: AI and the Future Of Security - The first week of May saw security practitioners from all over the globe come to the city by the bay to participate in RSA. In 1991, just a handful of security researchers got together for a single panel discussion about DES versus DSS. From those ...
1 year ago Securityboulevard.com
Key Breakthroughs from RSA Conference 2025 - Day 1 - Sumo Logic unveiled intelligent security operations with capabilities like detection-as-code (bringing DevSecOps to threat detection), UEBA historical baselining (improving accuracy by learning behavior over time), multiple threat intelligence feeds, ...
1 month ago Cybersecuritynews.com Inception
Researchers extract RSA keys from SSH server signing errors - A team of academic researchers from universities in California and Massachusetts demonstrated that it's possible under certain conditions for passive network attackers to retrieve secret RSA keys from naturally occurring errors leading to failed SSH ...
1 year ago Bleepingcomputer.com
Gaining Insights on the Top Security Conferences - A Guide for CSOs - Are you a CSO looking for the best security events around the world? Well, you have come to the right place! This article is a guide to the top security conferences that offer essential security insights to help make informed decisions. Security ...
2 years ago Csoonline.com
12 Software Dev Predictions for Future - Predicting the future of software development trends is always a tough call. Such trends will also rule the future of the software development industry. Analyzing these future software development trends will put enthusiasts ahead of the competition. ...
1 year ago Feeds.dzone.com
RSA Keys Security: Insights from SSH Server Signing Errors - In the realm of secure communication protocols, RSA keys play a pivotal role in safeguarding sensitive information. Recently, a group of researchers from prominent universities in California and Massachusetts uncovered a vulnerability in the SSH ...
1 year ago Securityboulevard.com
Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
7 months ago Helpnetsecurity.com
Recap from Singapore FinTech Festival - This was my first time attending the Singapore FinTech Festival and I thoroughly enjoyed my time at the conference, chatting with colleagues, listening to sessions, and visiting booths. The conference was started in 2016 by the Monetary Authority of ...
1 year ago Feedpress.me
Renewable Energy Technology: Powering the Future - Engage in the discussion on how renewable energy technology is set to revolutionize our world and reshape the energy landscape for future generations. From rooftop solar panels to large solar farms, this renewable technology is leading us towards ...
1 year ago Securityzap.com
Top 30 Best Penetration Testing Tools - 2025 - The tool supports various protocols and offers advanced filtering and analysis capabilities, making it ideal for diagnosing network issues, investigating security incidents, and understanding complex network interactions during penetration testing. ...
1 month ago Cybersecuritynews.com
Embracing Security as Code - Everything is smooth until it isn't because we traditionally tend to handle the security stuff at the end of the development lifecycle, which adds cost and time to fix those discovered security issues and causes delays. Over the years, software ...
1 year ago Feeds.dzone.com
Millions Of RSA Key Exposes Serious Flaws That Can Be Exploited - A disturbing security vulnerability has been uncovered affecting RSA encryption keys used across the internet, with researchers discovering that approximately 1 in 172 certificates found online are susceptible to compromise through a mathematical ...
2 months ago Cybersecuritynews.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
1 year ago Microsoft.com
What CIRCIA Means for Critical Infrastructure Providers and How Breach and Attack Simulation Can Help - Cyber Defense Magazine - To prepare themselves for future attacks, organizations can utilize BAS to simulate real-world attacks against their security ecosystem, recreating attack scenarios specific to their critical infrastructure sector and function within that sector, ...
7 months ago Cyberdefensemagazine.com Akira
Stress-Testing Security Assumptions in a World of New & Novel Risks - The most devastating security failures often are the ones that we can't imagine - until they happen. Prior to 9/11, national security and law enforcement planners assumed airline hijackers would land the planes in search of a negotiated settlement - ...
10 months ago Darkreading.com
'Secure by design' makes waves at RSA Conference 2024 - Secure by design refers to the principle that software should be developed with security in mind through established development frameworks and best practices. Though the concept is far from new, the approach has been featured in multiple different ...
1 year ago Techtarget.com
6 Best Cloud Security Companies & Vendors in 2024 - Cloud security companies specialize in protecting cloud-based assets, data, and applications against cyberattacks. To help you choose, we've analyzed a range of cybersecurity companies offering cloud security products and threat protection services. ...
1 year ago Esecurityplanet.com
The First 10 Days of a vCISO’S Journey with a New Client - Cyber Defense Magazine - During this period, the vCISO conducts a comprehensive assessment to identify vulnerabilities, engages with key stakeholders to align security efforts with business objectives, and develops a strategic roadmap to prioritize actions and resources. If ...
7 months ago Cyberdefensemagazine.com
7 cybersecurity conferences to attend in 2024 - Cybersecurity is a constant problem in today's digital age. Attending cybersecurity conferences is one way companies can learn to keep their organizations safe. Here are some cybersecurity conferences in 2024 to help organizations stay in the know. ...
1 year ago Techtarget.com
Assess security posture with the Cloud Security Maturity Model - One aspect of enterprise IT that organizations want to be mature is security. To address this challenge, IANS and Securosis developed the Cloud Security Maturity Model, a framework to help CISOs set their cloud security goals through asset ...
1 year ago Techtarget.com
The Perils of Platformization - CISOs continually have to choose between best of breed security vs Platformization and further consolidation of vendors. Cloud providers are driving security products towards use of standardized interfaces, and streamlined marketplaces. Increasingly, ...
1 year ago Securityboulevard.com
Microsoft announces deprecation of 1024-bit RSA keys in Windows - Microsoft has announced that RSA keys shorter than 2048 bits will soon be deprecated in Windows Transport Layer Security to provide increased security. Rivest-Shamir-Adleman is an asymmetric cryptography system that uses pairs of public and private ...
1 year ago Bleepingcomputer.com
Five business use cases for evaluating Azure Virtual WAN security solutions - To help organizations who are evaluating security solutions to protect their Virtual WAN deployments, this article considers five business use cases and explains how Check Point enhances and complements Azure security with its best-of-breed, ...
1 year ago Blog.checkpoint.com
10 Best Security Service Edge Solutions - Security Service Edge is an idea in cybersecurity that shows how network security has changed over time. With a focus on customized solutions, Security Service Edge Solutions leverages its expertise in multiple programming languages, frameworks, and ...
1 year ago Cybersecuritynews.com