Last week, the RSA Conference really came alive with a spirit of innovation and collaboration, thanks to our ‘Threat Busters’ theme. It was a phenomenal week, filled with insightful talks, product updates, and spirited interactions. Here’s a quick recap of the highlights from the event:
Spectral Success at Our Booth and VIP Event
Riding the wave of vibrant energy on the expo floor, where hundreds of companies, including Censys, showcased their latest innovations, we fully embraced our ‘Threat Busters’ theme—because we ain’t afraid of no threats!
“Who You Gonna Call? Threat Busters!” wasn’t just a catchy tagline—it sparked conversations at RSA about battling digital threats. We were thrilled to see so many of you at our booth and VIP event, celebrating in true spectral style. Missed the Censys Threat Busters live? No worries—the team is always ready to demonstrate how we protect your attack surface and help you hunt for threats. Don’t miss out; request a demo today to see our solutions in action.
The week’s highlight? The launch of our Censys Integrations Marketplace, a hot topic during RSA. Considering the average enterprise uses 60-80 different solutions in their tech stack, being able to integrate tools quickly and reliably is essential for maintaining a robust security posture. Our marketplace empowers security teams to set up integrations in less than 15 minutes! We showcased this capability with a live demo of the ServiceNow ITSM integration, demonstrating how it helps security teams automate ticket creation for more streamlined incident response and communication.
Oh, and another highlight—congratulations to the lucky visitor who won an Apple Watch from our Slimer claw machine!
Emily’s Talk on ESXiArgs Ransomware
Highlighting our team’s deep expertise, Emily Austin, Senior Security Researcher at Censys, delivered an engaging talk on tracking the ESXiArgs ransomware campaign. Emily provided a detailed analysis of the campaign’s unique characteristics and its significant impact on global cybersecurity.
She began her presentation by outlining the scope of the issue, noting that the ransomware specifically targeted VMware ESXi servers. This campaign was unusual because it left ransom notes visible on the public Internet—departing from typical ransomware attacks, which generally leave few visible artifacts. This visibility was a result of the ransomware exploiting the management interface of ESXi servers, which are often accessible over the internet. At its peak, Censys’ passive scanners detected 3,551 infected hosts, emphasizing the scale and seriousness of the attack.
Throughout the session, Emily highlighted the importance of understanding how ransomware attackers operate and the vulnerabilities they exploit. She provided an in-depth look at the technical aspects of the attacks, including how the ransomware spreads and the types of data it targets. Emily’s detailed explanations clarified the complexities of the ransomware’s operations and the challenges they pose to cybersecurity professionals.
She concluded with a strong call for robust security measures and proactive threat hunting to protect against such sophisticated attacks. Her talk not only illuminated the specifics of the ESXiArgs ransomware campaign but also reinforced the need for ongoing vigilance and enhancement of cybersecurity defenses.
Powering Up Our Cloud Connectors
In addition to the launch of the Censys Integrations Marketplace, we are thrilled to announce a significant enhancement to our Censys Cloud Connectors, marking a major stride in Attack Surface Management (ASM). Our cloud connectors now refresh data six times daily—up from just once a day, ensuring updates every four hours. This frequent updating keeps your cloud asset data continually current, significantly minimizing exposures and enhancing your defense systems against the dynamic nature of cloud risks.
Paul Krier, Technical Director at RTX, during his enlightening case study titled ‘The Evolution of Vulnerability Discovery,’ underscored the complexities of managing digital assets. His insights into ASM, which performs extensive, continuous, and automated reconnaissance work, highlighted the critical need for real-time data. He particularly noted the ephemeral nature of cloud environments and the unique challenges they pose, emphasizing the importance of having fresh and accurate data to maintain robust security. Our upgraded cloud connectors are designed to address these challenges directly, ensuring that changes in cloud environments are captured more frequently throughout the day.
Why does this matter? As the industry adage goes, “you can’t protect what you can’t see.” In an environment where companies are constantly updating cloud assets, the risk of missing critical exposures between refreshes is substantial. With updates every four hours, our customers gain unparalleled visibility into the most rapidly changing facets of their environments—their cloud-hosted assets. This enhancement not only keeps your cloud asset data fresh but also ensures that your defenses are as responsive and proactive as possible.
Be sure to watch our demo to see these enhancements in action and understand how they can transform your approach to securing cloud environments!
To Add AI or Not: The Hot Topic of the Week
Last week’s conference buzzed with conversations around one central theme: the pervasive and expanding role of Artificial Intelligence (AI) in our society. It seemed every session, every vendor, and every informal discussion touched on aspects of AI—from its transformative potential to the complexities and cautions its rapid adoption entails.
A keynote session led by the ‘Godmother of AI,’ Fei-Fei Li, and Deputy Attorney General for the U.S. Justice Department, Lisa Monaco, perfectly encapsulated this widespread fascination and concern. They explored the deep integration of AI in our lives, highlighting both its indispensable benefits and the emerging risks that accompany its evolution. As AI continues to develop, they presented it as an infancy technology now more critical than ever, emphasizing the need for a balanced approach to harness its capabilities responsibly.
The discussion underscored the excitement about AI’s possibilities and the sobering reality of its challenges—such as operational meltdowns and exploitation by criminals. These points resonated throughout the conference, echoing in vendor showcases and panel discussions, where AI’s potential to revolutionize industries was frequently highlighted alongside calls for prudent governance and ethical oversight.
The consensus was clear: while AI stirs optimism for the future, it also demands cautious and informed engagement from all sectors. This powerful narrative was a call to action for stakeholders at all levels to develop strategies that not only exploit AI’s advancements but also protect against its inherent risks. At Censys, we are dedicated to integrating AI into our solutions thoughtfully, ensuring that our embrace of this technology is both innovative and ethically sound.
In Conclusion…
As Censys continues our journey through the fascinating world of internet intelligence, we remain committed to providing cutting-edge solutions that address both current and emerging threats. We are inspired by the shared commitment of our community and are eager to keep the conversation going.
Thank you to everyone who joined us at RSA 2024. Your engagement and enthusiasm make events like this a success. We look forward to seeing you again next year, ready to bust more threats together!