Managed Security Services Provider (MSSP) News: 08 February 2022
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR), eXtended Detection and Response (XDR), threat hunters and MSP security providers — and those who need to partner with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Editorial Director Joe.Panettieri@CyberRiskAlliance.com. Thank you in advance for news tips.
A. Today’s MSSP, MDR, XDR and Cybersecurity News Alerts
1. Meet MSSP Alert This Week: We’ll be attending the Right of Boom security conference on Wednesday, Thursday and Friday. If you’re at the event and would like to potentially meet then please email me (Joe.Panettieri@CyberRiskAlliance.com).
2. Department of Defense – Cyber Resignation: Katie Arrington, the cybersecurity official hired by the Trump administration to stand up the Cybersecurity Maturity Model Certification program at the Department of Defense, has resigned her post, SC Media reported.
3. NIST – Software Development Guidelines: The National Institute of Standards and Technology has introduced new guidance that pushes software producers to attest they use secure development practices for products sold to federal agencies.
4. MSP Software – Security Executives: NinjaOne has hired Mike Arrowsmith as its new chief trust officer. Arrowsmith will “take the lead of all security and IT initiatives for NinjaOne, with early priorities focused on scaling and aligning the company’s internal teams and resources,” the company indicated. The move was announced one day after ConnectWise named Patrick Beggs as CISO. Generally speaking, the major MSP software platform providers have been hiring security talent and improving the development practices amid continued hacker and ransomware attacks against the MSP software industry.
5. eXtended Detection and Response (XDR): CrowdStrike’s Falcon XDR module is now generally available. The module extends CrowdStrike’s endpoint detection and response (EDR) capabilities to “improve threat visibility across the enterprise,” the company asserted.
6. Open XDR: PAGO Networks, a South Korean MDR provider and value-added reseller, has adopted Stellar Cyber’s Open XDR Platform to “enhance PAGO’s security-as-a-service program for enterprises throughout the country,” PAGO said.
7. Context-Aware XDR: Qualys has released Qualys Context XDR, a solution that “combines rich asset inventory and vulnerability context, network and endpoint telemetry from Qualys sensors, along with high-quality threat intelligence and third-party log data to identify threats quickly and reduce alert fatigue,” the company asserted.
9. Threat Intelligence: Cyware has unveiled Advisory Feeds — a new capability that enables customers to “access threat intelligence advisories from trusted Cyware partners.”
10. SIEM and SOAR Distribution: BD Soft Distribution has agreed to support Logsign across India. Logsign develops SIEM (security information and event management) and SOAR (security orchestration, automation and response) products.
11. LockBit 2.0 Ransomware Warning: The FBI has released a Flash report detailing indicators of compromise (IOCs) associated with attacks, using LockBit 2.0, a Ransomware-as-a-Service, according to a CISA alert.
B. MSSP, MDR and Cybersecurity Virtual Events and Conference Calendar
- Right of Boom (February 9-11, Tampa, Florida)
- Zero Trust World 2022 (February 21-23, Orlando, Florida)
- GISEC 2022 (February 21-23, Saudi Arabia)
- McAfee MPower Digital 2022 (March 22-23, Virtual)
- Apptega Amplify Partner Summit (April 27-28, Atlanta, Georgia)
- Bonus: MSSP Alert’s complete event calendar