Managed Security Services Provider (MSSP) News: 20 May 2021
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR), Extended Detection and Response (XDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Joe@AfterNines.com.
A. Today’s MSSP and Cybersecurity News Alerts
1. DarkSide Ransomware – Updated CISA-FBI Warning: The CISA and FBI updated a joint cybersecurity advisory on DarkSide Ransomware. The update provides a downloadable STIX file of indicators of compromise (IOCs) to help network defenders find and mitigate activity associated with DarkSide ransomware, the government organizations say. The IOCs were shared with critical infrastructure partners and network defenders on May 10, 2021, the CISA and FBI add.
2. Cisco SecureX Enhancements: The Cisco SecureX platform now supports comprehensive Device Insights.
3. API Security – Part One: APIsec now offers a “fully automated API security testing platform giving DevOps and Security teams continuous visibility and complete coverage for APIs,” the company says.
4. API Security – Part Two: 42Crunch has raised $17 million in Series A funding led by Energy Impact Partners. Adara Ventures also participated in the round. 42Crunch develops an Application Programming Interface micro-firewall that protects APIs against attacks listed in the OWASP Top 10 for API Security.
5. Microsoft Cloud Security: Here are the Top 10 threat detections across Microsoft Azure Active Directory (AD) and Office 365, according to Vectra AI.
6. Vulnerability Scanning: Detectify, a SaaS security company backed by ethical hackers, has released Ugly Duckling, a standalone application security tool. Ugly Duckling makes it easier for ethical hackers to share their latest findings, Detectify says.
7. Phishing Attack Simulations: KnowBe4, which develops a security awareness training platform, announced a new product feature called PhishFlip. The new feature turns real-world phishing attacks into safe, simulated phishing templates, KnowBe4 says.
8. eXtended Detection and Response (XDR): Hunters has launched Hunters XDR, an Open Extended Detection and Response Platform. The launch is not to be confused with Stellar Cyber, which develops an Open XDR platform that has been catching on with MSPs and MSSPs.
9. Government Security – Part One: Offensive Security, a provider of hands-on cybersecurity training and certification for information security professionals, has launched a Federal practice area led by Keith Peer.
10. Government Security – Part Two: AT&T has launched AT&T Threat Detection and Response for Government, which is built on the AT&T Unified Security Management (USM) platform.
11. Freelance Cybersecurity Talent: Cyberdesic has launched an on-demand freelancer network, which allows companies to find on-demand cybersecurity talent.
12. Talent – Industrial Security: Verve Industrial has hired Robert Held as VP of sales engineering and customer success, and Adnan Alawneh as GM of business development and technology partnership activities in the Middle East, North Africa, and Turkey.
B. Cybersecurity Partner Programs and Strategic Alliances
2. Partnership: Exabeam and Pcysys have partnered to “enable global organizations to defend against the latest incoming, live and ever-changing advanced attack techniques.” The partnership also “helps build ‘purple team’ security methodologies and simulation exercises into SOC workflows and improves cross-team communications,” the two companies say.
C. MSSP and Cybersecurity Virtual Events and Conference Calendar
- VMware Carbon Black Connect 2021 (June 3, Virtual Conference)
- Proofpoint Protect 2021 (June 8-9, Virtual Conference)
- Sumo Logic Modern SOC Summit 2021 (June 8-9, Virtual Conference)
- Zscaler Zenith Live 2021 (June 15-16, Virtual Conference)
- Siemplify SOCstock 2021 (June 15, Virtual Conference)
- ConnectWise IT Nation Secure 2021 (June 21-23, Orlando, Florida)
- Bonus: MSSP Alert’s complete event calendar