Managed Security Services Provider (MSSP) News: 03 October 2018
Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the update for Wednesday, October 3, 2018.
16. City Security Breach: The City of St. Petersburg, Florida, has suffered a data breach involving Click2Gov’s online software for paying utility bills, parking tickets, business licenses, building permits, and civil citations, ABC News reports.
15. Certifications and Compliance: FireEye has received International Organization for Standardization (ISO) 27001 certification, SOC 2 Type 2 recertification, and Federal Risk and Authorization Management Program (FedRAMP) reauthorization for cloud-based email security solutions.
14. Splunk Security Upgrades: At Splunk.conf 2018, the software company unveiled a new Use Case Library feature in Splunk Enterprise Security 5.2, which enables faster threat detection and incident response, the company says. Also of note: The company is promoting the “combined power” of Splunk Enterprise Security (ES), Splunk User Behavior Analytics (UBA) and Splunk Phantom SOAR (security automation, orchestration and response) technology. We’ll share more details soon.
13. ServiceNow – Risk Management Scorecard: The ServiceNow store now features the SecurityScorecard application for Vendor Risk Management. The application, according to SecurityScorecard, allows risk managers to assess vendor cybersecurity posture; prioritize vendors for review; establish required minimum scores; remediate issues; validate assessments; and engage vendors.
12. Integration – ServiceNow & SIEM: Securonix, a SIEM provider, now integrates with ServiceNow. This joint solution integrates the Securonix SaaS or on-premises platform with ServiceNow’s Security Incident Response or IT Service Management solutions. SOC analysts, forensic investigators, and CSIRT teams gain a single collaborative solution that reduces the mean time to respond to threats, the companies assert.
10. Integration – Managed Detection and Response: The enSilo Endpoint Security Platform is now integrated with Arbala Systems’ Managed Detection and Response (MDR) portfolio. This integration complements Arbala Systems’ extensive managed security services capabilities with enSilo’s real-time protection capabilities, the companies assert.
9. Integration – Security Orchestration and Automation: Red Hat this week previewed Ansible Automation integrations to help customers automate and orchestrate enterprise security solutions. The developments, according to Red Hat, allow customers to automate security capabilities like enterprise firewalls, intrusion detection systems (IDS) and security information and event management (SIEM).
8. Integration – Threat Defense: Syntax’s Cloud Threat Security Solution now leverages Humio’s log engine to visualize data and incidents as activities occur, providing actionable data and insight into threats continuously, the companies say.
7. Talent – Alliances: AttackIQ has hired Dan Sibille as VP of global alliances and channels. He’s responsible for establishing strategic partnerships with leading technology vendors, constructing a comprehensive channel strategy and partner program as well as driving new business development opportunities, the company says.
6. Talent – Venture Capital: Cisco Systems security veteran David Ulevitch has resigned and joined venture capital firm Andreessen Horowitz as a partner.
5. Identity Management Product War: One Identity has introduced a migration program that targets customers of Bomgar, Lieberman and BeyondTrust. Until the end of January 2019, any customer with a current support or maintenance contract with Bomgar, Lieberman or BeyondTrust can switch to One Identity Safeguard or One Identity Privileged Access Suite for Unix for the price of their annual maintenance minus 10 percent plus two weeks of One Identity Services, the company says.
4. SOC as a Service: PeriCertum’s Secure Cyber Operations now leverages EventTracker to offer SOC-as-a-Service and co-managed SIEM services to customers. PeriCertum’s suite of cybersecurity services also includes risk identification and quantification, prioritization and budget, prediction and prevention, risk mitigation, deep assessment and third-party risk scoring, the company says.
3. M&A – Cloud-delivered Security: Palo Alto Networks is acquiring cloud threat defense company RedLock for $173 million.
2. M&A – MSSPs & Cyber Consulting: Evolver and eVigilant have merged to form Converged Security Solutions, an MSSP focused on federal and commercial customers. We’ll share more details soon.
1. This Week’s Conferences: MSSP Alert is closely tracking cybersecurity partner news this week at:
If you’ve got news to share from those gatherings, please email me (Joe@AfterNines.com).