Managed Security Services Provider (MSSP) News: 05 August 2020
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to [email protected].
A. Today’s MSSP Alerts
1. Ransomware Insights: Sophos has published a multi-part research series on the realities of ransomware.
2. Phishing Mitigation and Email Security: Mimecast has announced SAFE Phish, which allows security teams to create training exercises using real-life, de-weaponized Phishing campaigns that target their organizations and employees. Training results can be integrated into the Mimecast SAFE Score dashboard, which is designed to aggregate data to gauge a company’s security posture.
3. VPN Passwords Leaked: A hacker has published a list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers, ZDNet reports. a Scott Gordon, chief marketing officer at Pulse Secure, offered this statement:
“Like other vendors, Pulse Secure takes vulnerabilities seriously and continues to apply industry best practices to expedite work with threat researchers and protect our customers. We urge all our customers deploy the security patch fix, available since April 2019, to protect themselves from threat actors and potential attacks. We have already contacted customers that have yet to apply the patch fix multiple times using contact information available to us, and we will continue to do so until the deploy the patch to all their systems. For more information, please visit SA44101.”
4. Partnership – Zero Trust: Forescout Technologies and Arista Networks are partnering to develop an “open ecosystem that embeds security within the network fabric and delivers full visibility and enforcement of critical enterprise assets,” the two companies say.
5. Partnership – MSP Security: MspPortal Partners is launching an initiative to help current and new reseller partners find enterprise opportunities within the healthcare industry, and education and government markets. The effort includes a partnership with Bitdefender.
6. Partnership – Endpoint Security: Networks Unlimited Africa and SentinelOne have launched a partner program that brings Sentinel One’s endpoint security to managed security services providers (MSSPs) of all sizes — including small businesses.
7. Talent – SOC Automation: Respond Software has hired Fortify and Prevoty veteran George Vukcevich as vice president of sales.
8. Cloud Security: Armor Anywhere can now ingest Microsoft Azure native logs, and then correlate that information against cyberthreats, the company says.
9. Threat Detection Software: Micro Focus has released ArcSight 2020, featuring a new unified layered analytics platform and user interface that simplifies holistic threat detection, the company says.
10. Research – Cloud Threats: Netskope has released the August 2020 Netskope Cloud and Threat Report.
11. Open Source Phishing Mitigation: Schneider Downs, one of the United States’ 60 largest accounting and business consulting firms, has released redlure, an open-source phishing platform built with the needs of red teamers and penetration testers top of mind, the company says.
12. Spam Mitigation: Lumu has announced enhanced spambox analytics for its Lumu Insights solution.
B. Upcoming Cybersecurity Conferences
- Black Hat USA 2020 (August 1-6, Virtual Conference)
- Ingram Micro Security Solutions Summit 2020 (August 12-13, Virtual Conference)
- Exabeam Spotlight20 (November 9-11, Virtual Conference)
- Palo Alto Networks Ignite20 (November 9-12, Las Vegas)
- RSA Conference 2021 (May 17-21, San Francisco)
- Bonus: MSSP Alert’s complete event calendar