Managed Security Services Provider (MSSP) News: 26 January 2022
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR), eXtended Detection and Response (XDR), threat hunters and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to [email protected].
A. Today’s MSSP, MDR, XDR and Cybersecurity News Alerts
1. MSSP Executive Leadership: Cerberus Cyber Sentinel, a managed compliance and cybersecurity provider (MCCP) based in Scottsdale, Arizona, has promoted Kyle Young to executive vice president, operations. Young will be responsible for all business operations and work closely with CEO David Jemmett and CFO Deb Smith, the company said. Cerberus is an active buyer of MSPs and MSSPs.
2. MSSP and Zero Trust: SB Technology Corp. will offer iboss Zero Trust capabilities as a managed security service for customers in Japan.
3. MSP Partner Program – Endpoint Security: In the first three years of its MSP Foundation project, Kaspersky has achieved fourfold growth in sales among MSPs, the security company said. Actual revenue figures were not disclosed.
4. MSP and SIEM (Security Information and Event Management): SpaceNet AG, a Munich-based MSP, is “significantly expanding its security portfolio through the use of LogRhythm’s NextGen SIEM platform to provide advanced cybersecurity protection for its customers across Germany and beyond,” the companies indicated.
5. Log4j Vulnerability – Attack Research: The BlackBerry Research & Intelligence and Incident Response (IR) teams have found evidence correlating attacks by the Initial Access Broker (IAB) group Prophet Spider with exploitation of the Log4j vulnerability in VMware Horizon. Details are here.
6. Log4j Vulnerability Mitigation: vArmour announced enhancements to vArmour’s integration with Tanium Platform. The result: Customers gain enhanced abilities to address CISA guidelines and an FTC arning in the wake of the recently discovered Log4j vulnerability, vArmour said.
7. Security Benchmarks: KnowBe4 has launched an Industry Benchmark feature that allows organizations to compare their security culture with others in their industry.
8. Partnership – API Security: Cequence Security and Tetrate have partnered to deliver a single pane of glass that offers discovery of APIs, detection of security risks and threats, and native inline protection against threats, the companies said.
9. Server Security: Virsec has announced its Deterministic Protection Platform (DPP), ensuring “better protection against all known and unknown threats to software workloads, and reducing threat actor dwell time from minutes to milliseconds, with true protection and runtime observability,” the company asserted.
10. Cyber Offer: Panorays, a provider of third-party security risk management software, unveiled a “complimentary offering” available to users for an unlimited amount of time. This new offering helps companies “defend against supply chain attacks by automating their security posture management, as well as helping them explore their third-party security risk management needs,” Panorays asserted.
11. Patch Management: Ivanti has announced Ivanti Neurons for Patch Management, Ivanti Neurons Digital Assistant, and enhancements to Ivanti Neurons for Healing with automatic ticket classification, the company said.
12. Secure Access Service Edge (SASE): Check Point Software Technologies has enhanced its Harmony Connect Secure Access Service Edge (SASE) to offer:
- Zero-trust connectivity to corporate applications with cloud delivered VPN-as-a-service;
- improved connectivity speed worldwide with new global points-of-presence; and
- increased security for your environment thanks to device posture validation for remote user devices, the company said.
13. Cloud Data Security: AppSwarm, a software development company and aggregator of mobile applications, is now developing cloud data security solutions under the TulsaLabs brand.
14. Data Security and Analytics: Varonis Systems has announced Version 8.6 of the Varonis Data Security Platform. The update now supports expanded data security for Microsoft 365 — with “at-a-glance tools to uncover exposed files and folders, new threat models to defend against ransomware, and automated labeling for sensitive files,” the company said.
B. Government Cybersecurity Services, Compliance and More
1. U.S. Department of Defense – Cyber Refresh: The military’s IT and communications arm will partner with contractor Booz Allen Hamilton in 2022 on a $6.8 million project to prototype a new security model based on zero trust principles, SC Media reported. Booz Allen Hamilton also has a Top 250 MSSP business unit.
2. Government Managed Services – CMMC Compliance: CyberSheath Services International, a Cybersecurity Maturity Model Certification (CMMC) managed service vendor, has introduced a new service that “provides all federal contractors with a cost-effective, scalable solution to meet cybersecurity requirements across security, IT, and compliance,” the company said.
3. State of CPPA Compliance: Only 11% of companies are able to fully meet California Consumer Privacy Act (CCPA) requirements, especially when managing Data Subject Access Requests (DSARs), new research from CYTRIO reveals.
C. MSSP, MDR and Cybersecurity Virtual Events and Conference Calendar
- Right of Boom (February 9-11, Tampa, Florida)
- Zero Trust World 2022 (February 21-23, Orlando, Florida)
- GISEC 2022 (February 21-23, Saudi Arabia)
- McAfee MPower Digital 2022 (March 22-23, Virtual)
- Apptega Amplify Partner Summit (April 27-28, Atlanta, Georgia)
- Bonus: MSSP Alert’s complete event calendar