Managed Security Services Provider (MSSP) News: 18 July 2019 -

Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across that managed security services provider ecosystem.

The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR) and MSP security providers — and those who need to partner up with such companies.
Frequency and Format: Every business morning. Typically one or two sentences for each item below.
Reaching Our Inbox: Send news, tips and rumors to [email protected].

Here’s the daily business update for Thursday, July 18, 2019.

A. Today’s MSSP Alerts

1. MSSP Expansion: Optiv Security, a Top 100 MSSP, has opened a Dallas Innovation and Fusion Center, a state-of-the-art, more than 14,000-square-foot facility located in the HALL Park complex in Frisco, Texas.

2. MSSP - Patch Management: Foresite, a Top 100 MSSP that works closely with ConnectWise, now offers Patch Management services in its managed security services lineup.

3. MSP Cybersecurity Certification: Continuum is ramping up to launch Continuum Certify, a cybersecurity certification program for MSPs. Details will surface at Continuum Navigate, two conferences that are scheduled for Pittsburgh and Las Vegas in October 2019.

4. Security Operations Center (SOC) Contract: Maximus Consulting (MXC), part of Future Data Group, has won a SOC and managed security services contract for one of Hong Kong's largest stock brokerage companies for HK$3.3 million, the company says.

5. Funding: Dust Identity, a Framingham, Massachusetts-based security tracking solution for hardware authentication and asset protection, has raised $10 million in Series A funding. Kleiner Perkins led the round with participation from Airbus Ventures, Lockheed Martin Ventures, New Science Ventures, Angular Ventures, and Castle Island Ventures.

6. Password Management - Microsoft Active Directory: The latest Enzoic for Active Directory meets NIST 800-63b requirements for real-time blocking of unsafe passwords at set-up and provide continuous monitoring of those same passwords to ensure they don’t become vulnerable later, the company says.

7. Microsoft Hacker Warnings: Microsoft said it has notified close to 10,000 people in the past year that they have been targeted by state-sponsored hackers, TechCrunch reports.

8. AWS Bucket Attacks: The hacker group Magecart is scanning Amazon Web Services (AWS) S3 buckets for configuration errors. Once found, the errors allow Magecart to overwrite Javascript files with credit-card stealing malware, according to Wired.

9. American Express Phishing Attack: Here are the details...

10. RDP Attacks: They remain a serious threat, according to this Sophos white paper and associated RDP attack research.

B. MSSP Partner Programs and Strategic Alliances

1. Talent: Armor, a cloud security-as-a-service provider, has hired Cisco and Commvault veteran Matt Cook as VP of channel and alliances. Armor's existing partners include such MSPs, MSSPs, cloud consultants and IT provider as BlackLake Security, Lightstream, LEAP, Technologent, and Pulsant, among others.

2. Privileged Access Management: CyberArk has unveiled SaaS-based privileged access security services, including:

CyberArk Alero, a a zero trust remote vendor access service.
CyberArk Endpoint Privilege Manager, which allows admin-level access to Windows and Mac endpoints for a specific period of time. The access includes a full audit log.

CyberArk also unveiled new partner program incentives.

3. SIEM - Managed Detection and Response (MDR): Navisite and Alert Logic together have released an enhanced, fully integrated portfolio of Managed Threat Detection and Remediation services for enterprise cloud clients, the companies say.