RSAC Innovation Sandbox contest 2023 will be held on April 24th at Moscone South, San Francisco. As the “Oscar of Cybersecurity,” the RSAC Innovation Sandbox contest is highly anticipated every year. Let’s take a look at the top 10 finalists this year.
Figure 1 The 2023 Top 10 Finalists
The top 10 innovative sandbox companies can be categorized into the following fields:
Figure 2 Product categories the top 10 finalists involved in
Two of the top 10 companies in this innovation sandbox focus on Web 3.0 security, on blockchain security and artificial intelligence (AI) security separately. Although the network security industry has been paying some attention to blockchain security and AI security in recent years, there have been relatively few mature products. The emergence of related products in this year’s innovation sandbox contest indicates that the Web 3.0 security technology has gradually matured.
Figure 3 Product category comparison of top 10 financials in 2022 and 2023
Web3.0 Security
As shown in Figure 4 [1], in the Web 3.0 architecture, AI and blockchain (distributed network) technologies are two representative technologies. It can be foreseen that in the era of Web 3.0, a large number of assets based on AI and blockchain will appear on the internet.
Figure 4 Web 3.0 Architecture
With the Web 3.0 architecture, the extensive use of assets based on new technologies will inevitably expand the attack surface and introduce new security risks. How to manage such newly-emerged security risks that are difficult to handle with traditional security products is a highly challenging issue.
AnChain.AI provides an excellent practical case in the blockchain security arena. AnChain.AI utilizes AI technology to achieve transaction tracking and forensics, abnormal event detection, risk assessment, and audit functions for blockchain transactions. As shown in Figure 5[2], AnChain. AI analyzes the events and behaviors of blockchain through APIs.
Figure 5 BEI API for Blockchain Event/Behavior Analysis
HiddenLayer provides anomaly detection and response capabilities for AI assets in the AI security arena – MLDR. Its business process is shown in Figure 6 [3]. The MLDR product can quickly detect malicious adversarial samples used to deceive AI models, supplemented by human services and model scanning. HiddenLayer claims that its security capability can cover 92.3% of the AI risk matrix provided by MITRE ATLAS.
Figure 6 HiddenLayer MLDR framework
Supply Chain Security Governance
In recent years, security incidents such as Solarwinds and Log4j vulnerability have highlighted the significant threat that security risks introduced by the software supply chain pose to the entire information industry. Therefore, supply chain security has received widespread attention from the cybersecurity industry. Two of the top 10 companies in this innovation sandbox contest have innovatively provided capabilities for supply chain security governance.
Endor Labs is committed to addressing the supply chain security risks posed by open-source software. On the basis of providing visualization of open-source software, Endor Labs collects multidimensional characteristics of open-source software, scores the risks, and organizes the introduction of high-risk open-source software into products through an automated admission approval mechanism. On this basis, Endor Labs can also provide information on open-source software with similar functions, prompting developers to use low-risk software for replacement, and will prompt developers to fix vulnerabilities in open-source software according to priority. In addition, it is worth mentioning that as shown in Figure 7 [4], Endor Labs integrates GPT-type models as intelligent robots to provide information related to open-source software.
Figure 7 Integrating GPT model to provide open-source software information
Although Astrix is classified in the cloud security arena based on its targeted environment, its products clearly have in-depth research and thinking on supply chain security governance. Astrix is committed to access management of third-party cloud services accessed by users. In the current era where cloud services have become popular, third-party cloud services are actually an important part of the user product supply chain, but the related security risks are often overlooked. On the basis of providing visualization of global third-party cloud service access (as shown in Figure 8 [5]), Astrix provides detection and response to threats introduced by accessing these cloud services in the entire linkage lifecycle. It can be foreseen that Astrix’s nomination will bring significant attention to third-party cloud service issues that are often overlooked in supply chain security governance.
Figure 8 Visualization of global third-party cloud service access
Data Security and Compliance
Data security and compliance have been of great concern to the entire network security industry in recent years. In terms of data governance, Relyance AI uses AI technology to extract and analyze information from compliance texts such as user business privacy policies, and help users find non conformances in application behaviors by combining the results of static analysis and dynamic detection, as shown in Figure 9 [6]. In addition, Relyance AI also provides a complete data visualization capability, data privacy processing effect evaluation and other compliance requirements inspection capabilities.
Figure 9 Comparative analysis of privacy policy text and application behavior
In terms of privacy computing, ZAMA, which has a deep technological foundation, has launched a series of open-source tool libraries around privacy computing technology. It mainly includes the library TFHE-rs, which is used to implement fast Fully Homomorphic Encryption over the Torus (TFHE), the compiler Concrete, which is used to transform general applications into full homomorphic encryption, and the toolset Concrete-ML, which is used to protect private data in the process of machine learning. Evidence shows that the ZAMA tools are superior to some existing homomorphic encryption tools, as shown in Figure 10 [7]. ZAMA has opened up the aforementioned programming libraries and toolsets, which not only make a significant contribution to the progress of privacy computing technology, but also give people the hope to build a certain scale of privacy computing industry ecology through the popularization of its own technology in the future.
Figure 10 Excellent performance of full homomorphic encryption calculation through TFHE-rs library
Furthermore, it is worth noting that in this year’s innovation sandbox contest, SafeBase’s product covers an aspect that are easily overlooked in traditional compliance governance – the signing of compliance agreements between both parties involved in the transaction. SafeBase compiles enterprise security information into a “Profile”, responsible for all steps of security auditing, proactively presenting complete and transparent information to buyers, and providing the ability for both parties to sign compliance-related agreements on the product platform, as shown in Figure 11 [8]. In addition, SafeBase also provides a comprehensive compliance knowledge base for both parties to query and quickly identify compliance requirements in transactions. For internal files related to business, SafeBase also provides fine-grained access control and data watermark function for tracking file flow.
Figure 11 Automated NDA process
Network Security in Cloud Environment
As cloud computing technology is widely used, how to promote network security work in the cloud environment has been an important issue that the industry has been continuously paying attention to in recent years. Dazz defines the steps for mitigating cloud security vulnerabilities as Discover, Reduce, and Fix. The Discover analyzes vulnerability information and configuration data collected from various aspects of CI/CD and other security products. The Reduce uses its own technology to filter alarm information, enabling the real threat to be more clearly presented to users. The Fix not only provides suggestions for modifying asset misconfiguration, but also automates the repair of known vulnerabilities. Once approved by security operations personnel, one-click deployment can be achieved, as shown in Figure 12 [9].
Figure 12 Dazz’s automatic repair of known vulnerabilities
While Software as a Service has become popular, Valence Security has achieved visual risk display and automated repair of user-side misconfiguration in SaaS platforms for business access without the need to install agents, as shown in Figure 13 [10]. In the Github case provided by Valence Security, the product first explores the direct connection relationship of SaaS applications by collecting personal access tokens, OAuth applications, GitHub applications, and SSH keys connected to Github. Then, it analyzes information such as access scope, actual usage, third-party API calls, and provides potential risks and solutions. In the increasingly complex SaaS grid environment, Valence Security’s risk visualization capability can greatly improve the efficiency of SaaS security governance.
Figure 13 Workflow of Valence Security
Pangea provides network security capabilities to developers in the form of cloud services and proposes a concept: SPaaS (Security Platform as a Service). Pangea encapsulates capabilities such as data desensitization, log auditing, compliance checks, and threat intelligence into API interfaces, as shown in Figure 14, and provides users with an SDK to call these interfaces. Unlike typical cloud services that use web pages as the client, Pangea’s client is the user’s programming environment and SDK. This product model enables Pangea to fully focus on improving the functionality and reliability of its security products, thereby rapidly expanding product capabilities, building a reliable security platform, and building a technology ecosystem to achieve the concept of SPaaS.
Figure 14 Pangea’s security API
Who Will Be the Winner?
So, who will be the winner of the RSAC 2023 Innovation Sandbox Contest? According to the RASC Innovation Sandbox schedule, the innovation sandbox will be open at 11:30 AM PT on 2:30 – 2:45 PM PT on April 24, 2023. Let’s stay tuned and see who will be the winner of the top 10 finalists!
Welcome to NSFOCUS booth# 4301 at South Hall, Moscone Center to talk about cutting-edge security research and innovative security solutions.
References
[1] https://www.101blockchain.com
[2] https://www.anchain.ai
[3] https://hiddenlayer.com/
[4] https://www.endorlabs.com/
[5] https://astrix.security
[6] https://www.relyance.ai/
[7] https://www.zama.ai/
[8] https://safebase.io/
[9] https://www.dazz.io/
[10] https://www.valencesecurity.com/
[11] https://pangea.cloud
