Managed Security Services Provider (MSSP) News: 01 October 2020
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Joe@AfterNines.com.
A. Today’s MSSP Alerts
1. MDR and Security Alert Management: Red Canary has launched Red Canary Alert Center—a single destination that intelligently prioritizes alerts from across the security stack improving security outcomes, the MDR (managed section and response) company says.
2. MSP – Managed Detection and Response: TPx, an MSP, has strengthened its managed security services with the addition of enterprise-class managed detection and response (MDR) to its MSx Firewall and MSx Endpoint services, the company says.
3. Vulnerability Testing – Election Security: Iowa has launched a Vulnerability Disclosure Program (VDP), inviting private sector security researchers to test Iowa’s IT system and applications for potential security holes. Iowa will leverage VDP to further ensure the security of its election systems. Iowa is partnering with Bugcrowd for this initiative. VDP is part of the core cybersecurity framework recommended by the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standard and Technology (NIST).
4. Remote Work Security – AWS Cloud: Amazon has launched the AWS Digital Workplace Competency for partners focused on endpoint management, application management and collaboration platforms.
5. School IT Security Concerns: Amid the shift to remote and online learning, students and educators face a growing mix of cybersecurity risks. Among the key areas of concern: Lax device management puts students and educators at risk, according to recent NinjaRMM survey results.
6. Bug Bounty Program – HP Printers: HP has expanded its bug bounty program to target office-class ink and toner cartridge vulnerabilities. HP will award $10,000 for vulnerabilities discovered.
7. AWS Cloud Container Security: Sysdig has unveiled automated inline image scanning for AWS Fargate containers, directly in Amazon Elastic Container Registry (ECR). Sysdig says it is the first container and Kubernetes security platform to offer inline scanning for Fargate, which doesn’t require customers to share images or registry credentials outside of their AWS environment.
8. AWS Cloud Application Security: Anitian, a Top 250 MSSP that has evolved into a cloud security software company, has launched SecureCloud. The pre-engineered security service for AWS allows customers to rapidly deploy applications and services to customers – “without sacrificing security measures or privacy protections,” Anitian asserts.
9. Hacker Sentenced: A Russian man convicted of stealing 117 million LinkedIn passwords in 2012 in addition to hacking into two other Bay Area tech companies has been sentenced to more than seven years in prison, a CBS affiliate reports. Russian national Yevgeniy Alexandrovich Nikulin was sentenced to 88 months in prison for hacking into LinkedIn, Dropbox and the now-defunct social networking company Formspring says.
10. Internet Privacy: A member of the U.S. Federal Communications Commission called for new scrutiny of undersea cables that transmit nearly all the world’s internet data traffic, Reuters reports.
11. Bug Bounty Program – HP Printers: HP has expanded its bug bounty program to target office-class ink and toner cartridge vulnerabilities. HP will award $10,000 for vulnerabilities discovered.
12. Software Piracy: Cylynt has unveiled Cylynt Ranger, a piracy detection application that enables independent software vendors (ISVs) to identify and track the illegal usage of older, non-instrumented releases of their software applications, the company says.
B. MSSP and Cybersecurity Virtual Events and Conferences
- BlackBerry Security Summit 2020 (October 5-7, Virtual Conference)
- ConnectWise IT Nation Secure 2020 (October 14-15, Virtual Conference)
- CrowdStrike Fal.con 2020 Cybersecurity Conference (October 15-16, Virtual Conference)
- Exabeam Spotlight20 (November 9-11, Virtual Conference)
- Palo Alto Networks Ignite20 (November 17-19, Virtual Conference)
- Bonus: MSSP Alert’s complete event calendar