In this edition of Snake Oilers we’ll be hearing from three very different vendors who’ve all been doing interesting stuff.
GreyNoise: An infosec startup darling, GreyNoise can tell you when an attack you’ve detected is internet-wide, automated activity. Very useful for de-prioritising entire alert sets.
MergeBase: Software Composition Analisys (SCA) with two key differentiators. MergeBase says it gives users MUCH better remediation advice than competitors, and also offers a “in prod” dynamic SCA product that feeds Java app telemetry back to app/security teams. Very cool, and getting popular.
Votiro: Regular listeners would know about CDR company Votiro. They’ve spent the last little while updating their product to better deal with macro-based threats. There’s some site-specific machine learning pixie dust as well as some more generic static detections and re-writes.