Managed Security Services Provider (MSSP) News: 26 September 2018
Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the update for Wednesday, September 26, 2018.
8. Public Cloud Security Part One: The CIS (Center for Internet Security) has created a framework for CISOs to benchmark the security of their public cloud environments. CIS released the benchmark for AWS 3 years ago, released the benchmark for Azure earlier in the year and very recently released CIS benchmark for Google Cloud.
7. Public Cloud Security Part Two: RedLock now supports CIS compliance reporting for Google Cloud Platform (GCP). Customers can sign up for the RedLock service, onboard Google projects or the entire organization, and gain security visibility in their GCP environment, RedLock says.
6. SIEM and Machine Learning: Siemplify, a provider of security orchestration, automation and response (SOAR) software, has added machine learning capabilities to its SIEM platform. Security operations teams can expedite day-to-day workflow activities such as automatically assigning cases based on past analyst experience and identifying prior threats that can shed light on the best way to address new ones, Siemplify asserts.
5. Azure Threat Hunting: Vectra‘s Cognito platform can now detect hidden cyberattackers in nativeMicrosoft Azure cloud environments. The solution involves virtual sensors running in Azure that integrate with the Azure Virtual Network Terminal Access Point (TAP), Vectra says.
4. Azure Multi-Factor Authentication: PingID multi-factor authentication (MFA) now integrates with Microsoft Azure Active Directory (Azure AD) and Microsoft Active Directory Federation Services (ADFS).
3. Microsoft Azure and Office 365 Security: Track all the updates from the Microsoft Ignite 2018 conference here.
2. Payment Security: Optiv Security, a Top 100 MSSP, has unveiled SecurePayment@Optiv. The effort moves beyond basic Payment Card Industry Data Security Standard (PCI DSS) compliance — allowing customers to implement comprehensive, risk-centric security across the entire payment lifecycle, Optiv asserts.
1. From MSP to MSSP: Continuum CEO Michael George, as expected, on Tuesday unveiled a business plan guide to help MSPs extend to managed security services. The guide and various Continuum strategic moves surfaced at the company’s Navigate 2018 conference in Boston. Complete coverage is here. We’ll share more details on MSSP Alert, as well, soon.