RSAC 2024 Trends: Enea’s Insights for Cybersecurity Vendors

RSA Conference, the traditional yearly meet-up for the cybersecurity industry, has just closed its doors once again. For vendors, it’s a source of valuable interactions and insights that can be used to strengthen short- and long-term roadmaps. To support this process, Enea’s RSAC team proposes a few key recommendations.

For an in-depth analysis and detailed list of roadmap implementations, see also the article on five actionable takeaways by Laura Wilber, Sr. Industry Analyst at Enea, published on The Fast Mode.

Enea’s Embedded Security team predicts that 2024 will be remembered as the seminal year of single-vendor SASE! We have been amazed at how rapidly the number of single-vendor SASE providers is growing and this was reflected at RSAC, where the number had swelled by more than a dozen vendors compared to last year. We also noticed that the types of vendors moving to SASE are evolving, expanding the breadth of SASE functions. This means that a SASE strategy is a must-have for all cybersecurity vendors, whether you decide to compete head-on in the SASE space or take on a complementary role that enables you to co-exist alongside the big platforms.

These evolutions in SASE may also explain the increased interest in our deep packet inspection (DPI) engine (Enea Qosmos ixEngine) at this year’s RSAC. As Mauricio Sanchez, Sr. Director, Enterprise Security and Networking, at Dell’Oro recently said: “SASE is not a trend; it’s the future of enterprise connectivity and security.” ¹

As a security requirement, SASE platforms run all traffic (or nearly all depending on edge configuration) through regional PoP gateways for decryption and inspection. This is explained by the reduced number of opportunities for conventional monitoring due to the shrinking of “traditional” networks and the increasing absence of traditional network perimeters. Add to this the fact that zero trust principles are now mandating continuous monitoring and trust evaluation, the need for reliable, accurate and rapid traffic inspection is at an all-time high. No alternative monitoring and inspection methods can match the granularity, depth and accuracy delivered by DPI on clear traffic. So, if you want to compete successfully in today’s platform market, you must have a DPI engine that can thrive in extreme environments and provide the deep insights needed to support continuous product innovation. That engine is the Enea Qosmos ixEngine.

We were also struck this year by the number of impressive, AI-enhanced XDR innovations at RSAC. Which brings us to the Enea Qosmos Threat Detection SDK (TD SDK). Recently launched to help jump-start IDS development and boost threat detection performance, we received a significant number of inquiries in the context of XDR. The Enea Qosmos TD SDK is built on core capabilities from Suricata and integrates with Qosmos ixEngine to eliminate double DPI/IDS packet processing in platforms and enhance threat detection with Qosmos ixEngine data. Integrated in an XDR solution, it can boost threat detection performance and streamline operations through single-pass packet inspection, providing a natural way to enhance the vendor’s value proposition.

If you would like more information on the Enea Qosmos ixEngine, the Enea Qosmos TD SDK or on any other aspect of our DPI technologies, please don’t hesitate to contact us.

And don’t forget that you can find an in-depth analysis of key RSA trends and detailed list of roadmap recommendations in a separate article by Laura Wilber published on The Fast Mode.