Managed Security Services Provider (MSSP) Market News: 17 March 2023

Each business day, MSSP Alert delivers this quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.

A. Today’s MSSP, MDR, XDR and Cybersecurity Market News

1. Product Launch: Claroty  has expanded its footprint within the ServiceNow ecosystem by releasing a new set of native integrations leveraging the Service Graph Connector (SGC) and Vulnerability Response (VR) infrastructure. These new integrations enable ServiceNow's CMDB and VR products to ingest in-depth details of cyber-physical systems across the Extended Internet of Things (XIoT), which are automatically discovered and profiled by Claroty.

2. Zero Trust Advancement: Beyond Identity and its partners have launched a new category of zero trust technology: Zero Trust Authentication. Joined by industry leaders Palo Alto Networks, Crowdstrike, Optiv, Ping Identity, and World Wide Technology, ZTA has been developed in response to the failure of traditional multi-factor authentication methods, a problem exacerbated by an alarming number of recent cyberattacks.

3. Product Launch: OffSec, a cybersecurity education provider, has released its newest edition of Penetration Testing with Kali Linux (PEN-200). Its associated certification, the Offensive Security Certified Professional (OSCP) is widely considered the global gold standard in pentesting certifications, the company said.

4. Acquisition Move: ThreatLocker, a specialist in endpoint protection technologies, announced that it has entered into an agreement to acquire assets of virtualization technology HyperQube, and is appointing Craig Stevenson, former CEO of HyperQube, as director of ThreatLocker Ops.

5. Vulnerability Discovered: Hornetsecurity has discovered a severe security vulnerability in Microsoft Outlook that is currently being exploited by cybercriminals. The vulnerability, identified as CVE-2023-23397, permits a remote, unauthorized attacker to compromise systems simply by transmitting a specifically crafted email. This malicious email enables the attacker to gain unauthorized access to the recipient's credentials, the company said.

6. Insider Risk Report Released: DTEX Systems has released its 2023 Insider Risk Investigations Report. The annual report, based on real investigations and data collected by the DTEX Insider Intelligence and Investigations (i³) Team throughout 2022, identifies a significant increase in corporate IP and data theft incidents, the human resources department’s growing role in cybersecurity, and notable new trends impacting the insider risk landscape due to the rise of employee attrition.

7. Industry Recognition: Cybersecurity company Camelot announced that Dr. Wendy Hayes, the company's director of Homeland Security Programs, has been named to the 2023 SIA Women in Security Forum Power 100. The Power 100 honors 100 women in the security industry each year who are role models for actively advancing diversity, inclusion, innovation and leadership in the security industry.

8. Product Launch: KnowBe4 has released its phishing security resource kit to help end users defend themselves and their organizations against phishing attacks. KnowBe4’s phishing security resource kit includes user resources such as access to a free on-demand webinar on phishing mitigation; KnowBe4’s phishing white paper, Comprehensive Anti-Phishing Guide E-Book; a video on how to avoid phishing attacks; infographics; posters; digital signage and more, the company said.

9. Cybersecuirty Partnership: SentinelOne has expanded distributor relationships with Carahsoft, Exclusive Networks,and Ingram Micro. With increased routes to market and larger teams of dedicated SentinelOne experts, partners are better positioned to take full advantage of all SentinelOne offerings, accelerating the company’s penetration into key verticals across North America, the company said. (Source: Seeking Alpha)

10. Product Launch: Cyvatar, a cybersecurity-as-a-service (CSaaS) company, has launched its eCommerce page, offering customers an "easy and convenient way" to purchase cybersecurity services directly from the company.

B. Annual In-Person MSSP and Cybersecurity Conferences