[Image: Dr Ramzan]
Orion
Regulatory content mapping using natural language processing. The RSA Archer integrated risk management suite now features regulatory content analysis, leveraging machine learning and artificial intelligence as well as natural language processing to analyse regulatory content and map the content to compensating controls in a company. The technology is capable of "single-digit hours" of analysis, Dr Ramzan said.
Vine
Efficient indexing for high-scale data processing, which is now part of RSA NetWitness, a network security monitoring solution. Dr Ramzan noted that Vine has pushed the envelope for data processing and enables data scientists to search for any type of string and any incident, processing high volumes of data and returning answers in real-time.
Current projects which have just been commercialised or are in the product roadmap include:
Anubis
Advanced network-based user behaviour indicators.
Bifrost
Enables network user and entity behavior analytics (UEBA) to better scale by handling data from multiple sources.
Smurf
Softmax-based user reputation functions for entity behaviour analytics. Softmax is a mathematical function that is used to calculate probabilities.
Project 3PP
Rethinks how third-party risk is assessed. The traditional model makes use of questionnaires, email and Excel, but there is no way to scale this approach, Dr Ramzan said. Instead, questionnaires are managed in the cloud, so data is centralised and can be tied back to Archer. Suppliers can track which questionnaires they have answered, and delegate questions or sections of questionnaires to team members who are best-positioned to answer them.
"We made this process significantly easier simply by putting it in the cloud," Dr Ramzan said. The concept can be developed further, for example by applying natural language processing techniques, or prepopulating questionnaires with responses that suppliers have already given in the past.
The process ensures that suppliers can no longer upload blank documents, for example. "We can actually do data validation now on everything they put in," Dr Ramzan said.
The centralised data also means that predictive questioning - suggesting questions - could be a reality in future, he added.
Project Rev
Intuitive visual interface for the SecurID Access risk engine. "Admins have a hard time understanding some of the advanced techniques that are being used in the risk engine," Dr Ramzan explained. Project Rev provides easy-to-understand metrics that help users understand what they create and the implications of their policies. They can drill down into details of particular networks, and receive a confidence score for every user.
The future could include:
Project Iris IoT
This project addresses the need for visibility into Internet of Things (IoT) device activity.
"You have no idea what these devices are doing," Dr Ramzan noted. "And the visibility into each device is just not scalable."
RSA's approach is to leverage parent company Dell's open source IoT gateway, which can handle processing at the edge. Now an EdgeX Foundry project, the IoT gateway can be used as the foundation for monitoring devices, with visibility into each gateway providing indirect visibility into what IoT devices are doing.
Siren
Visibility into container orchestration and service meshes.
Gemmel
Visibility and analytics into functions-as-a-service, such as AWS Lambda.
Big Bang
Helps to infer how critical an asset is, versus manual labelling, which can quickly go out of date. Dr Ramzan explained that NetWitness can be used to determine who is using the asset and whether it is heavily used, which implies it is critical. Critical assets can then get priority for protection as part of a business resiliency conversation, as opposed to picking up the pieces after a vulnerability has been found and trying to persuade management that something needs to be done.
Synapse
This is a communication bus between NetWitness and Archer to bridge the two and provide a real-time view of activities.
VIPR
Prioritises vulnerabilities based on critical assets.
Rialto
Identifies assurance layers with BYOA, bring your own apps.
[Image: Geyer]
Grant Geyer, SVP Products RSA, also spoke about RSA's product goals. One is proximity-based authentication, where authentication is automatic because a user's mobile phone is physically near the secured system. With identity assurance, for instance, the company is working to make authentication invisible, he shared.
"Ultimately the goal of authentication is that there are enough factors about you and your trustworthiness and your system’s trustworthiness (to eliminate the use of traditional authentication)," he said. "If you do something unusual then (you would have) to prove that it’s you."
Geyer spoke about a customer who cut authentications by 40,000 in one day because it had moved from multifactor authentication to RSA's latest identity assurance solution. Its customers inundated the helpdesk with complaints, because they thought something was wrong.
“People are so used to behaviours that give the appearance of safety that even if safety is built into the system, they’re not prepared for that. Ultimately we need to go into cultural change for that,” he said.
The company also has an omnichannel offering which allows fraud to be spotted on both web and mobile.
Hashtag: #RSAC

