The RSA Conference is where the world talks security and Censys is proud to be a bronze sponsor of the event. Tuesday, May 7th, marks the 2nd day of the conference, and San Francisco is buzzing with security folks from all over the world. Representing Censys, I had the pleasure of listening to a couple of incredible sessions and spending a little time on the expo floor. Here are some of the highlights and takeaways from today.
I started the day early at the RTX Case Study titled ‘The Evolution of Vulnerability Discovery’ led by Paul Krier, Technical Director at RTX. Paul expertly laid out the complexities of managing digital assets through Attack Surface Management (ASM), which performs reconnaissance work at scale, continuously, and in an automated fashion. He outlined the four crucial phases of setting up a vulnerability management process:
- Home Turf: Initially focusing on defending ‘The Perimeter’—the known elements of your network and defining your vulnerability management strategy.
- Lay of the Land: Expansion into the ‘Extended Enterprise’ to include partners, suppliers, service providers, and customers, starting to experiment with ASM.
- Empire: Beginning to define the responsibility model and delving deeper into the complexities of the attack surface.
- Actualization: Embracing the complexities with tailored vulnerability discovery and operationalizing assurance domains.
Paul highlighted essential aspects of an ASM solution such as seed data, which is vital for understanding organizational associations, and certificates that help discover internet presence. He also discussed the challenges of managing cloud risks, given their ephemeral nature online, which makes it difficult to secure and track their usage. This session was a standout, offering deep insights into securing ever-evolving and expanding attack surfaces through a comprehensive vulnerability management program.
Moving from the deep dive sessions to the vibrant expo floor, the energy was palpable. Hundreds of companies, including Censys, presented their latest products and solutions. At the Censys booth, we embraced the theme of ‘Threat Busters’ because we ain’t afraid of no threats! Today, we highlighted the launch of our Censys Integrations Marketplace with an in-booth presentation featuring one of our tech partners, ServiceNow. Given that the typical security tool stack for an enterprise includes around 60-80 solutions, making integrations essential to security teams, our marketplace stands out. It allows security teams to rapidly and reliably integrate tools in less than 15 minutes. One key integration is with ServiceNow ITSM, which empowers security teams to automate ticket creation for better incident response and improved communication.
After an engaging demo, I returned to the main conference for a keynote discussion on Artificial Intelligence (AI). The session featured the ‘Godmother of AI’, Fei-Fei Li, and Deputy Attorney General for the U.S. Justice Department, Lisa Monaco. It’s hard to imagine a world without AI now, but in fact AI is still in its infancy. As we delve deeper into the AI era, the talk highlighted not just the positive outcomes but also the emerging dangers. From the advent of new models to the real-time meltdowns and exploitation by criminals, the discourse was a sobering reminder of the rapid pace at which AI is evolving. The speakers stressed the urgency for individuals and enterprises to develop informed usage policies that not only harness AI’s capabilities but also mitigate its risks. It was a compelling call to action for all of us in the digital age to approach AI with both optimism and caution.
As Fei-Fei Li has consistently emphasized, AI should be approached as a tool shaped by human values, requiring careful governance to ensure it benefits society as a whole. Her advocacy for substantial public sector investment in AI resonates strongly in discussions that aim to democratize AI benefits across societal layers. The session highlighted not only the promising advancements but also the stark challenges: new models bring new risks, including the potential for real-time operational failures and misuse by malicious actors. The speakers stressed the critical need for comprehensive educational initiatives to foster an informed public that can engage with AI responsibly. They urged for the development of robust policies that harness AI’s capabilities while safeguarding against its inherent risks. It was a powerful call to action for all stakeholders in the digital age to navigate the complexities of AI with an informed, optimistic, yet cautious approach.
As the day winds down at the RSA Conference, the insights and discussions have underscored Censys’s pivotal role in the security landscape. Delving into the depths of ASM with Paul Krier and unpacking the future challenges and opportunities of AI with Fei-Fei Li and Lisa Monaco have only strengthened our resolve to be the one place to understand everything on the internet in this increasingly complex digital world. Interested in learning more about Censys? Contact us today for a demo.
