Managed Security Services Provider (MSSP) News: 13 October 2020
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to [email protected].
A. Today’s MSSP Alerts
2. Managed Detection & Response (MDR): ITC Secure, an MSSP and Silver Microsoft Partner, has launched Managed Detection and Response (MDR) services that leverage Microsoft’s security stack.
3. Threat Intelligence: Booz Allen Hamilton has introduced SnapAttack —a cloud-based software solution that brings together actionable threat intelligence and hacker detection. SnapAttack enables red and blue teams to work together, emulating attacks from intelligence data, sharing insights of malicious behavior, and developing vendor-agnostic behavioral detection analytics to stop advanced adversaries, Booz Allen Hamilton asserts.
4. Research – Microsoft Office 365 Security: Vectra, a provider of network threat detection and response (NDR), has released its 2020 Spotlight Report on Microsoft Office 365, which highlights the use of Office 365 in enterprise cyberattacks.
5. Talent – Channel Chiefs: Sophos has promoted channel chief Erin Malone to senior vice president of sales for Americas. Malone, Sophos notes, has risen the company ranks following a successful position as vice president of sales for North America, where she created and led the company’s Partner Advisory Council (PAC). She joined Sophos in 2015, and is based in the U.S. Also, the cybersecurity software company has hired Forcepoint veteran Kevin Isaac as senior vice president of sales for Europe, Middle East and Africa (EMEA).
6. Talent – Security Operations Automation: Ivanti has hired Avid veteran Melissa Puls as senior vice president and chief marketing officer (CMO).
8. Qualys Expands in China: Qualys is expanding into China through the establishment of a Private Cloud Platform and a partnership with Digital China, the largest value-added provider of integrated IT products, solutions and support for enterprises in China, the company says.
9. Palo Alto Networks – Cloud Security Modules: Palo Alto Networks has introduced four new cloud security modules into Prisma Cloud 2.0, a Cloud Native Security Platform (CNSP). This announcement integrates Aporeto and builds on the November 2019 introduction of Palo Alto Networks Prisma Cloud, which brought together RedLock, evident.io, Twistlock, and PureSec into the CNSP. The new Prisma Cloud modules include:
- Data Security delivers data loss prevention (DLP) capabilities.
- Web Application and API Security protects web applications against Layer 7 and OWASP Top 10 threats.
- Identity-Based Microsegmentation integrates Cloud Network Security (CNS) capabilities following the acquisition of Aporeto.
- Identity and Access Management (IAM) Security gives customers Cloud Infrastructure Entitlement Management (CIEM) capabilities.
10. McAfee Cloud-based Security Services: McAfee has expanded its MVISION portfolio with three Device-to-Cloud suites. McAfee says the suites include…
- MVISION Advanced: Proactive endpoint threat prevention that includes next-gen defense mechanisms and rollback remediation to protect against ransomware and other advanced malware.
- MVISION Premium: Endpoint and data protection, with AI-powered Endpoint Detection and Response (EDR) and Data Loss Prevention (DLP Endpoint), to more completely defend devices and data from advanced attacks.
- MVISION Complete: Unifies McAfee’s full endpoint security portfolio with MVISION Unified Cloud Edge, which combines Secure Web Gateway (SWG), advanced DLP and Cloud Access Security Broker (CASB) to deliver device-to-cloud protection.
11. U.S. Election Security – Microsoft vs. Botnet, Ransomware: Microsoft said Monday it had used a court order to take control of computers that were installing ransomware and other malicious software on local government networks and threatening to disrupt the November election, Reuters says. Microsoft explained its steps against the Trickbot botnet in this blog.
12. RMA CGM Ransomware Attack Recovery Update: CMA CGM, the world’s fourth-largest container shipping group, said it has restored its online business services after a cyber attack in September 2020 paralyzed activity, Reuters reports.
B. MSSP and Cybersecurity Virtual Events and Conferences
- ConnectWise IT Nation Secure 2020 (October 14-15, Virtual Conference)
- CrowdStrike Fal.con 2020 Cybersecurity Conference (October 15-16, Virtual Conference)
- Houston Cyber Summit 2020 (October 20-22, Virtual Conference)
- Grayhat Virtual Cyber Conference (October 29-31, Virtual Conference)
- Exabeam Spotlight20 (November 9-11, Virtual Conference)
- Bonus: MSSP Alert’s complete event calendar