Zero trust needed a crucible to burn away the hype and leave the essence of what every cybersecurity vendor has to offer, and the pandemic did that. Akamai, Appgate, Cisco, CrowdStrike, Delinea, Ivanti, Palo Alto Networks, Zscaler and many others either announced their next generation of zero-trust solutions or demonstrated their latest releases at RSA 2022. 

Where zero trust is maturing 

While many in the cybersecurity vendor community still treat zero trust as a series of product features, not an architecture or framework, this year’s RSA proves vendors are maturing their platforms by choosing to solve more challenging problems. CrowdStrike taking on the challenge of providing real-time telemetry data and long-term data archiving with Humio for Falcon and their launch of Asset Graph, which shows the vendors understand zero trust is about architectures and frameworks first. Real-time telemetry data is invaluable in building a zero-trust architecture.

Cisco is introducing the Cisco Security Cloud, demonstrating Cisco Secure Access by Duo and Box, as well as their unified Secure Access Service Edge (SASE) solution Cisco+ Secure Connect Now, which reflects how rapidly zero-trust vendors are maturing. 

In addition, Ericom’s partnership with Cyber Guards to deliver Zero Trust Network Access (ZTNA) to midsize businesses and SMBs brings SASE to businesses who need ZTNA support the most but are often the most budget-constrained.

Ericom’s ZTEdge SASE platform reflects how quickly zero-trust solutions are maturing in the mid-market and for SMBs. Its many innovations in Remote Browser Isolation (RBI) extend to Web Application Isolation (WAI), which enables organizations to allow third party unmanaged device and bring your own devices (BYOD) access to corporate apps, while protecting their data and apps using web-based RBI-based technologies, is another proof point. 

ZTEdge Web Application Isolation (WAI) air gaps public and private web and cloud apps in an isolated, secure cloud environment, where organizations can enforce granular app access and data use policies. Ericom’s been able to deliver this without requiring contractors to install apps or browser extensions, make configuration changes to third-party devices, or use special “corporate” browsers.

John Kingervag created zero trust while at Forrester and currently serves as senior vice president of Cybersecurity Strategyat ON2IT Cybersecurity. An interview he gave during RSA provides guardrails for getting zero trust right. 

“So, the most important thing to know is, what do I need to protect? And so I’m often on calls with people that said, ‘Well, I bought widget X. Where do I put it?’ Well, what are you protecting? “Well, I haven’t thought about that.” Well, then you’re going to fail,” Kingervag said during the interview. 

Signs avendor understand zero trust 

Separating the vendors who understand zero trust is becoming easier, given how quickly the landscape is maturing. The vendors who get it realize their systems and solutions are part of an integrated zero-trust architecture. Enterprises don’t “buy” zero trust; it’s an architecture integrated into a given business’s unique workflows. 

During RSA, two standards were released that provide vendors with the guardrails and guidance needed to help serve enterprises. First, the National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) published Implementing a Zero Trust Architecture. The NCCoE is planning to release two additional guides in July and August. 

Kindervag and Chase Cunningham, chief strategy officer at Ericom Software, were among several industry leaders who wrote The President’s National Security Telecommunications Advisory Committee (NSTAC) draft on Zero Trust and Trusted Identity Management. The report defines zero-trust architecture as “an architecture that treats all users as potential threats and prevents access to data and resources until the users can be properly authenticated, and their access authorized.”  

The NSTAC Draft on Zero Trust and Identity Management and the new NCCoE guidelines can help enterprises plan their zero-trust initiatives while helping vendors move away from feature sprawl and deliver streamlined, effective solutions. The NTSAC document provides a five-step process that = Kindervag briefly discussed in his interview at RSA.  

A few key aspects that show a cybersecurity vendor understands zero trust solutions with value and minimal feature sprawl include: 

• Multirole and multicloud support in Identity Access Management (IAM). RSA 2022’s watermark for zero trust maturity is delivering and implementing IAM support for multiple roles, personas and hybrid cloud configurations. IAM vendors doubling down on how to get this right are advancing zero-trust adoption across enterprises today because their customers can use their solutions in more use cases. Zero-trust vendors are innovating rapidly in this area, making it one of the best-kept secrets at RSA 2022. CISOs went to RSA looking to understand how to control multicloud access across AWS, Google Cloud Platform, Microsoft Azure and others on the same IAM platform. Organizations need cloud-based multifactor authentication (MFA) platforms that can support multiple roles or personas at the same time. AWS Identity and Access Management, BeyondTrust, Ivanti, Microsoft, SailPoint and others all support multirole IAM.   

• Resilience improves in every release. One of the main messages of Gartner’s top cybersecurity predictions for 2022–23 is that enterprises need to focus more on building resilient tech stacks than attempting to shut down the most prevalent threat of the day. Cybersecurity vendors delivering the most value with their zero-trust solutions already have a track record of delivering resilience in their platforms and systems. Vendors showing maturity in this area include Absolute Software with its continual improvements to Absolute Resilience, Absolute Ransomware Response and a new series of partnerships announced during RSA for its Absolute Application Persistence-as-a-Service (APaaS).  Utopic and WinMagic rely on Absolute’s firmware-embedded technology to monitor and automatically heal their mission-critical security solutions across their customer bases. Akamai, Cisco, Illumio, Ivanti, Palo Alto Networks and Symantec Enterprise Cloud are zero-trust vendors whose product releases over the last two years reflect how each is designing in greater resilience at the tech stack level. 

• Achieving scale with integrations. The more adoption any enterprise software gains, the greater the demand for broader integration. Every enterprise’s tech stack is unique, making integration options a challenge. Another of the best-kept secrets of this year’s RSA is how abundant the activity is in this area. It’s a leading indicator of which zero-trust vendors have the most active, varied sales cycles. Absolute Software’s announcement before RSA that they’re partnering with BlackBerry to enable their shared customers to strengthen CylancePROTECT with Absolute Application Persistence capabilities reflects how each achieves greater scale with integrations. The partnership aims to enable joint Absolute Resilience customers to extend Absolute’s firmware-embedded, self-healing endpoint device connections to BlackBerry’s Endpoint Protection Platform (EPP). Box also announced more thorough integrations with Cisco, Relativity, Theta Lake and Splunk. New security enhancements to its core platform were also introduced at RSA that will help admins and security teams protect the flow of content inside and outside the organization and across multiple devices.

Maturity in the zero-trust sector is growing

From a marketing blitz in 2020 to a show of force in 2022 by vendors who understand zero trust and are contributing to their customers’ cybersecurity and risk management, RSA has also moved forward. Fewer vendors, less feature sprawl and more focus on solving complex security challenges were a key part of the show. Enterprises are overcoming their inertia of implementing zero trust, as Kindervag alluded to in his RSA interview. 

“What we’ve done is figured out how to break a massively complex problem called cybersecurity into very small pieces called protect surfaces. And as one friend of mine said, ‘We argued for longer than it took us to build the first zero-trust environment that we built.’ So stop arguing about it and do it,” he said.   

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.

Hangouts holdouts will have to finally say goodbye to Google’s most resilient chat app later this year. On Monday, the company announced it would start migrating consumer Hangouts users to Chat before the former is no longer available after November 2022. If you still use Hangouts on mobile, you’ll see a prompt starting today to move to either the standalone Chat app or the Chat experience in Gmail. “Hangouts has been replaced by Google Chat,” the company declares in the notification.

Over on Gmail, Google won’t begin prodding Hangouts users to switch over until July. The Hangouts web client will remain available until November, and the company says users will have “at least” one month of warning before the platform’s webpage begins automatically redirecting to the Chat website instead. If you’re still actively using Hangouts, Google promises your conversations will automatically transfer to its newer app. That said, you can also use the company’s Takeout service to download a copy of your data.

Google has been gradually phasing out the Hangouts brand in favor of its newer messaging services for some time now, so it’s not surprising the company has finally decided to sunset the platform. And while it never enjoyed the popularity of some instant messaging apps, Hangouts had its devout fans.

Overwatch 2 starts its second beta on Tuesday for PC and console players. The beta begins at 2 p.m. ET/11 a.m. PT and runs through July 18. Sign-ups are still open for a chance to participate, and you can still get guaranteed access if you’re willing to spend some cash.  

The next beta will be our first look at Junker Queen, a new tank hero who first appeared in posters on the Junkertown map that was released in 2017. Fans have been hoping to play her ever since, and five years later, we’re finally getting the chance. The new beta also adds a new hybrid map, Paraiso. The developers have laid out their goals for the beta, which include testing server capacity and hero balance. 

Overwatch 2 is the sequel to Blizzard’s class-based shooter, featuring two teams of five players fighting over objectives. Overwatch devs announced in June that the game will be free to play and will launch in early access on Oct. 4. The first beta injected a frantic pace into the game, which was a welcome change from the slower, more grinding pacing that’s plagued Overwatch in recent years. The free-to-play PvP element will bring the game more in line with other competitive shooters, like Valorant and Apex Legends.

How to sign up for the Overwatch 2 beta

Anyone can sign up for Overwatch 2’s second beta, but it’s not technically an open beta. The game will add people gradually as it ramps up server capacity, and the first big wave of beta access will happen July 5, according to the beta FAQ page. Even if you were in the previous beta, you’ll need to sign up again. 

Here’s how to sign up:

1. Go to the Overwatch 2 beta site.

2. In the top right corner, log in to your Blizzard Account.

3. At the bottom of the Overwatch 2 beta page, choose your platform (and region for PlayStation players).

4. Then hit Request Beta Access.

If you want guaranteed beta access on June 28, you can purchase the Watchpoint Pack ($40). In addition to beta access on day one, you’ll also get two legendary character skins, a unique player icon and enough digital currency to buy the first two battle passes.

How do I download the Overwatch 2 beta?

Blizzard hasn’t released details on downloading the second beta, but it should follow the same process as the first beta. Here’s how that worked:

1. Log in to your Battle.net account and navigate to Overwatch on the game launcher.

2. In the bottom left, click the Game Version drop-down.

3. Select Overwatch 2 Tech Beta to install.

4. When the download is complete, hit the blue Play button to start.

Junker Queen abilities

The new beta finally gives fans a chance to play as Junker Queen, a hero we’ve all been excited about and/or thirsting over since she was first teased on the Junkertown map. Here’s what we know about Junker Queen’s abilities, from the Overwatch Twitter account:

New Hybrid Map: Paraiso

The beta also adds Paraiso, a new hybrid map that explores Lucio’s home, including the DJ’s Clube Sinestesia. As with all hybrid maps, players will start by attacking or defending a control point, and if the attackers succeed, players will spend the rest of the map attacking or defending a payload. 

For more Overwatch 2 news, check out everything we learned from the Overwatch 2 reveal event.