Black Hat Startup City Unveiled: 6 Themes that Stole the Show
Each year Black Hat does such a great job of showcasing startups and providing an excellent format to meet the architects of the future. Since the Innovation team has a knack for uncovering the next big thing, we never miss a chance to dig into the startup scene with curiosity of treasure hunters on the lookout for hidden gems. Knowing our readers love their innovation insights served in bite-sized brilliance, we’ve distilled this down to the standout themes that captured our attention.
Our team only focused on the Startup City, therefore the themes and solutions represented are those that were present in the Startup City and do not reflect the entire market or the entire presence at Black Hat. With that in mind, let’s dig in!
Context is Key
Many vendors are narrowing in on the popular phrase "context is key" and this theme was apparent at the Startup City. We were seeing vendors across all types of disciplines- application security, cloud security, SOC toolsets, etc. all attempting to tackle the challenge of security teams having too many alerts, unclear of which ones to prioritize, and finding a quick path to remediation. This context lens is interesting to our team and one we believe is the juice driving innovation within our 2024 Enterprise Technology Themes, in areas including runtime security and SOC optimization.
While these solutions clearly span different areas in security, the approach they each are taking is similar. By pulling a variety of data sources, they can gather a complete picture of an environment, one that represents the dynamic relationship between variables and continuously creates a baseline of expected behavior. Having such a dynamic and personalized baseline of the environment allows organizations to quickly understand when drift occurs, and how to best fix an environment that has drifted. Of course, these solutions each have a different flavor of this context theme but key takeaways from our stroll through the Startup City were- context is becoming more dynamic and tailored reporting can simplify security posture. Moving forward, it is clear that context is the biggest differentiator for adoption and maturation of a product within a security team. For security teams, evaluating solutions against their completeness of context will no doubt become a priority requirement in the future.
Runtime Security
The Black Hat Startup City (SC) atmosphere was absolutely shifty this year. Not as in, Sin City shiftiness (apologies to the host city) but rather shift “left” or “right”. It was obvious, and the messaging was in bold – if you have an API, existing application, developing new cloud-native modern application architectures, or replatforming a product, you needed a “Shift” mindset and initiative(s), no shift-neutral allowed. Shift-right, where runtime security can be found, was a highlight when walking through Startup City and talking to many founders.
Organizations need to encompass runtime security into their journey to monitor application behavior and track real-time signals that might indicate compromise. Discussed solutions tackle runtime protection a few different ways, some deploy lightweight agents (eBPF) for real-time protection, anomaly detection, and alerting. A few deploy web application firewalls (WAF) to monitor API traffic and apply incident response rules. While combining both approaches, a select few attempt to provide end-to-end runtime security for APIs, applications, and containers running in an organization’s infrastructure.
Once deployed, applications often behave differently in production than in development, testing, and staging environments, often a byproduct of having different performance variables, stability, and reliability requirements. Therefore, runtime security tools can not only provide real-time visibility into application behavior but also help prevent misconfigurations and drift, which are common in dynamic deploy frequent environments. By combining runtime security with pre-production deployment (shift-left) strategies, organizations can achieve a comprehensive security posture that covers the entire application lifecycle from development, through to production ensuring robust protection against both known and emerging threats.
Non-Human Identities
The signs were everywhere, each row reflected at least one startup that had the term “non-human identity” on their signs. It was so prevalent that it may leave you feeling like you can’t even ask what exactly that means in the tactical terms of entities? To level set, when we look at the market of non-human identity management, we are talking about the following types of entities: applications, services, APIs, bots, devices, and machine-to-machine (M2M) components. The thesis behind these technologies is to ensure these non-human identities are properly authenticated, authorized, and monitored to prevent unauthorized access, data breaches and other security risks.
This is really an age-old problem that is starting to get the attention it deserves due to several factors driven by the evolution and adoption of cloud and microservices, increased use of software-as-a-service (SaaS), increased automation, identity first security strategies and the innovations in non-human identity management. With the market response to the problem also comes market confusion on the approaches and of course those adjacent markets that are pivoting into the space to try to capture budget.
Non-human identity management is a critical focus area for organizations of all verticals looking to secure their increasingly complex and automated IT environments. Selecting the right solution depends on the maturity of your identity environment, the types of entities you are managing and how your operational models can support addressing the unique challenges this space presents.
Expanding Application Security Ecosystem
Application security is hard and by the looks of investments and innovations, far from solved. While many organizations are still working out details around the basics (SCA, SAST, DAST, etc.) the application security landscape expansion is underway. I counted 22 startups in the startup city as evidence of the expansion. Evolutions in API security, code remediation, code level privacy tasks, data leaks through application flows, and more. It is a thrilling blend of innovation and challenge, pushing the boundaries of what’s possible while reminding us of the complexities that lie ahead.
Overcoming challenges in complex environment, diverse architectures, cultures of “move fast, fix later” and fragmented ownership have been key contributors in the exciting growth of the ecosystem. Add in the heavy responsibility that comes with a major data breach due to an application vulnerability and we have a fertile ground for innovation for decades to come.
We couldn’t help but wonder what the modern application security stack looks like in a mature organization? How much consolidation do we see in our future? How will GenAI play a role in overcoming some of the skills gap and resource constraints? While there may not be answer to all of the questions now, it is clear that the enterprise will need to have a well-crafted strategy and focused attention in order to purposefully adopt the technology that will shape and protect the future.
AI is Increasingly Being Integrated into All Cybersecurity Functions
In 2010, Apple trademarked the phrase “there’s an app for that” — a phrase that became integral to their marketing strategy in the early years of the iPhone.[1] This phrase highlighted the versatility of the iPhone, and how nearly any imaginable use-case could be realized through mobile applications. For our latest generation of technology, a fitting adaptation to that phrase might be “there’s an AI for that.” And that phrase certainly rang true as we walked through the Startup City (SC) section of Black Hat’s business hall this year.
Would you like to improve your DevSecOps and application security hygiene? There’s an AI for that. Perhaps you want to optimize your cyber defense operations and response-time through data-driven insights? There’s an AI for that too. Want to enhance network observability, gather real-time contextual insights from threat intelligence data, combat ransomware threats, or better understand your cyberattack exposure? In each of these cases, you guessed it — there’s an AI for that. And all of that was just in the SC section of the business hall. But this same trend was prevalent throughout the entire conference. Regardless of whether you think that AI is an overhyped gimmick for marketing, a necessary tool to better prepare businesses for the future, or somewhere in-between; there is no denying the fact that AI is continuing to rapidly transform everything about the ways we approach cybersecurity.
Increasing emphasis on mitigating the risks of AI
Just like in cybersecurity, AI capabilities are also being broadly adopted by enterprise technology solutions used for all kinds of different functions across the entire business (finance, marketing, sales, legal, and many others). The increasingly widespread adoption of this technology is also introducing new and unique risks. In addition to all of the cybersecurity risks that are incurred by adopting new AI infrastructure, these models are also inherently non-deterministic and behaviors/outputs generated by them can be problematic, unreliable, and even unpredictable. And misuse of these models is now frequently resulting in unintended leaks and data incidents for organizations worldwide.
To address these new risks, we are beginning to see a new suite of solutions. These solutions have a wide range of different approaches and implementations, but the objective is the same — to minimize the risks related to the increasing adoption and use of (generative) AI solutions within the business. These solutions are designed to help organizations move faster and innovate more efficiently, by addressing these uniquely new business risks.
Final Thoughts
Exploring the dynamic landscape of Startup City at Black Hat 2024 was an exhilarating experience for the Trace3 Innovation Team. We thrive on the energy of discovering emerging technologies and trends, and it’s a joy to distill those insights into something digestible for our readers. This glimpse into the conference is just a snapshot of the incredible innovation we witnessed, and we’re excited to see how these ideas will shape the future. Thanks for joining us on this journey—we can’t wait to see what the next wave of startups will bring.