Enterprise cybersecurity technology research that connects the dots.

RSA 2022: Omdia Research Take Aways

The RSA conference in San Francisco always feels like drinking from a fire hose but especially this year at the first in-person RSA since the pandemic began.

Andrew Braunberg, Principal Analyst, SecOps, Omdia

June 28, 2022

3 Min Read
Image by <a href="https://pixabay.com/users/geralt-9301/?utm_source=link-attribution&amp;utm_medium=referral&amp;utm_campaign=image&amp;utm_content=5592232">Gerd Altmann</a> from <a href="https://pixabay.com/?utm_source=link-attribution&amp;utm_medium=referral&amp;utm_campaign=image&amp;utm_content=5592232">Pixabay</a>

It had been a few years, so with much anticipation, and not a little trepidation, 26,000 people descended on San Francisco for the RSA Conference. Vendors were eager to get back out in front of a live audience and the expo floor was tightly packed with more than 400 exhibitors. Themes emerged in numerous services.

Let’s start with data security. With all the talk of application security needing to "shift left", (i.e., embedding security processes into the development pipeline to reduce the attack surface of code before it enters production), it is only natural that data security should move in the same direction.

Keys and certificates associated with applications and containers need to be protected, as any organization that has adopted a DevSecOps approach will be aware. Indeed, in an ideal scenario, capabilities such as key management and encryption are baked into the workflows of developers and DevSecOps teams and "just work."

Identity was at the center of many a discussion. Achieving "zero trust" transformation with passwordless authentication received renewed attention at the show. Getting rid of passwords has been the holy grail for many organizations and individuals over the past 30 years, and Omdia believes that 2022 will be the year that we finally start to properly phase out passwords.

When it comes to infrastructure security, figuring out the 'risk' of cloud environments was a key topic of interest. Vendors such as Palo Alto Networks, Orca, Wiz, Check Point, and many, many others highlighted tooling to enable deeper understanding of one's cloud estate, with an increasing emphasis on cloud permissions management as a key focus area.

Working to secure the development process for creating cloud environments was another area much discussed, with Infrastructure as Code (IaC) a key pattern for achieving necessary scale. The broad interest in API security was also noteworthy. Specialized vendors such as Salt Security, Wallarm, Cequence, and others joined several of the cloud security vendors in adding API security capabilities to their offerings.

Wrapping up the key topics around infrastructure security, it was noticeable how prevalent the conversations around Secure Access Service Edge (SASE) were, in terms of major security vendors aligning themselves to the broader SASE theme or to its subset known as SSE. Cisco, Netskope, Versa Networks, Forcepoint, among others, demonstrated integrated offerings in this space.

Moving on to SecOps, RSA Conference 2022 will perhaps be seen as the first big opportunity for extended detection and response (XDR) vendors to make their case. Numerous vendors made significant XDR announcements, including BitDefender (launching GravityZone XDR solution), CrowdStrike (expanding Falcon's XDR module), and RSA Group (debuting NetWitness XDR), among others. XDR has the potential to revolutionize enterprise threat detection and incident response (TDIR), making it faster, easier, and potentially even cheaper to find, analyze, and fix cybersecurity threats.

Proactive approaches such as risk-based vulnerability management and attack surface management (ASM) were also in the spotlight. It has been clear throughout 2022 that ASM products are quickly becoming an important component of broader proactive posture management strategies. The market, particularly for external ASM (EASM) solutions, has been busy with both investment and M&A activity.

About the Author(s)

Andrew Braunberg

Principal Analyst, SecOps, Omdia

Andrew supports Omdia's Cybersecurity Operations (SecOps) Intelligence Service research practice, guiding vendor, service provider, and enterprise clients. He provides thought-leading analysis on technologies, trends, and innovations in enterprise security operations centers (SOCs), and specifically on the proactive technologies used to avoid breach, such as vulnerability management and attack surface management.

Andrew has been covering, researching, or speaking on topics related to enterprise information technology for approximately 20 years. Prior to joining Omdia (formerly Ovum) in 2022, Andrew spent five years at NSS Labs where he led the analyst group and worked closely with the company’s security product testing team.

Prior to NSS, Andrew spent more than a decade at GlobalData (formerly Current Analysis), where he managed the Enterprise team and was the firm’s principal security analyst. Over his career, Andrew’s coverage has ranged from endpoint protection suites, to network security appliances, and solutions for protecting cloud-based assets.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights