Managed Security Service Provider (MSSP) News: 13 May 2020
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across that managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Joe@AfterNines.com.
A. Today’s MSSP Alerts
1. M&A – Application Security Testing: SonarSource has acquired RIPS Technologies, a German startup known for its code security analyzers. Teams will be joining forces in building best-in-class Static Application Security Testing (SAST) products that help development teams and organizations deliver more secure software, the companies say.
2. Ramsay Malware Discovered: ESET researchers have discovered Ramsay, a previously unreported cyber-espionage framework that is tailored for collection and exfiltration of sensitive documents and is capable of operating within air-gapped networks, this report says.
3. DevOps Security: DivvyCloud by Rapid7, a cloud security platform, has released Infrastructure as Code (IaC) Security capabilities. The enhancement integrates cloud security into the DevOps process–improving developer productivity and preventing cloud security issues during the build process, DivvyCloud says.
4. Funding – Identity and Access Management: Semperis has raised $40 million in Series B funding. Insight Partners led the round with participation from existing investors. The new investment follows Semperis completing its sixth consecutive profitable quarter, bringing total funding to $54 million, the company says.
5. Privileged Access Management (PAM): One Identity has launched Sudo 1.9, which enables central collection of Sudo logs, provides additional plugins for audit and approval, and allows Sudo plugins to be written in Python. With these and other enhancements, organizations can increasingly leverage Sudo to manage the use of privileges across systems and can audit that use for increased visibility into privileged access, One Identity asserts.
6. Cybersecurity Assessments: RedSeal has launched five new services to help enterprises establish safe and secure environments amid the Work From Home (WFH) wave. The new offerings include
- RedSeal Secure Remote Work Assessment
- RedSeal Cyber Visibility Assessment
- RedSeal Cloud – Cyber Visibility Assessment
- RedSeal’s Managed Service Packages
- RedSeal Health Check Service
7. Security Awareness Training – Azure MSPs: Cyber Risk Aware‘s security awareness platform is now available to Microsoft Azure LSPs and MSPs.
8. Secure Access: Pulse Secure has launched Pulse Access Suite Plus to help businesses of all sizes and industries consolidate disparate security access tools to gain seamless, secure access to applications and resources from any location, network and device, the company says.
B. MSSP Partner Programs and Cybersecurity Alliances
1. Integration – Security Monitoring: Auth0, an identity platform for application builders, now integrates with Datadog’s cloud-based monitoring platform. The result: Customers can continuously deliver Auth0 logs to their existing monitoring and alerting dashboards, making operations easier and more effective.
2. Integration – Advanced Threat Protection (APT): Bitglass and CrowdStrike have partnered to offer an agentless advanced threat protection (ATP) solution that identifies and remediates both known and zero-day threats on any cloud application or service, as well as any device that accesses corporate IT resources (including personal devices), the companies say.
3. Partner Program – Enterprise IoT Security: Ordr, which provides security for unmanaged devices and enterprise Internet of Things (IoT), has expanded its global channel partner program for authorized resellers, assessment partners, and MSPs. Eric Berkman, senior director of worldwide channel, is leading the effort.
C. Upcoming Cybersecurity Conferences
- List: Tech Conferences Canceled, Postponed or Online Only (Source: ChannelE2E)
- Bonus: MSSP Alert’s complete event calendar