Managed Security Service Provider (MSSP) News: 27 October 2020
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to [email protected].
A. Today’s MSSP Alerts
1. Investment & Talent – Managed Detection & Response: Private equity firm Newlight Partners has invested in Pondurance, a provider of Managed Detection and Response (MDR) cybersecurity services. Moreover, Pondurance has hired a new CEO and named a new chair of the board.
2. M&A – Private Equity and Cybersecurity: Private equity firm Francisco Partners is acquiring Forcepoint from defense contractor Raytheon Technologies. Financial terms of the deal were not disclosed.
3. Funding – Collaboration Security: Theta Lake, a provider of security and compliance solutions for Cisco Webex, Microsoft Teams, RingCentral, Zoom and more, has raised $12.7 million in Series A funding, bringing the company’s total funding to $20 million. Lightspeed Venture Partners led the round with participation by Cisco Investments, among others.
4. Free Cybersecurity Assessment Tools: Axio has introduced four free cyber risk program assessment tools to examine an organization’s cyber posture. Axio360’s free tools include the complete NIST Cybersecurity Framework (NIST CSF), the complete Cybersecurity Capability Maturity Model (C2M2), a wizard-based on-ramp to the C2M2 called C2M2 Quick Launch, and coming soon, a wizard-based on-ramp to the NIST CSF called the NIST CSF Quick Launch, the company says.
5. Penetration Testing – Education and Testing: Offensive Security has launched Evasion Techniques and Breaching Defenses (PEN-300), the company’s newest penetration testing training course. Designed as a successor to the Penetration Testing with Kali Linux (PWK) course, PEN-300 teaches students how to perform advanced attacks against hardened networks.
6. ITSM and Risk Management: ServiceNow has announced new Operational Risk and Resilience capabilities to help organizations address priorities and risk areas such as business continuity, resiliency, data loss, regulations, and cybersecurity.
7. Hacker Steals $24 Million: A hacker has stolen roughly $24 million worth of cryptocurrency assets from decentralized finance (DeFi) service Harvest Finance, a web portal that lets users invest cryptocurrencies and then farm the price variations for small profit yields, Ziff Davis reports.
8. KashmirBlack Botnet: A highly sophisticated botnet is believed to have infected hundreds of thousands of websites by attacking their underlying content management system (CMS) platforms such as WordPress, according to Imperva as reported by ZDnet.
B. MSSP Partner Programs and Strategic Alliances
2. Channel Chief – Zero Trust: Axis Security has hired Corelight and Sumo Logic veteran Kimber Garrett as head of channel sales. Garrett is responsible for the company’s 100 percent channel model for VARs, system integrators, MSSPs and OEM partners.
6. Integration – Microsoft Azure Sentinel: AttackIQ now integrates with Microsoft Azure Sentinel. AttackIQ’s Preactive Security Exchange (PSE) also includes such partners as BlackBerry, Cisco, CheckPoint, Illumio, LogRhythm, McAfee, Microsoft, Palo Alto Networks, RSA, SentinelOne, and TrendMicro.
C. MSSP and Cybersecurity Virtual Events and Conferences
- Grayhat Virtual Cyber Conference (October 29-31, Virtual Conference)
- Exabeam Spotlight20 (November 9-11, Virtual Conference)
- Ignite20: Palo Alto Networks Conference (November 17-18, Virtual Conference)
- Black Hat Europe 2020 (December 7-10, Virtual Conference)
- RSA Conference 2021 (May 17-21, San Francisco)
- Bonus: MSSP Alert’s complete event calendar