Managed Security Service Provider (MSSP) News: 27 October 2020

Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.

A. Today’s MSSP Alerts

1. Investment & Talent - Managed Detection & Response: Private equity firm Newlight Partners has invested in Pondurance, a provider of Managed Detection and Response (MDR) cybersecurity services. Moreover, Pondurance has hired a new CEO and named a new chair of the board.

2. M&A - Private Equity and Cybersecurity: Private equity firm Francisco Partners is acquiring Forcepoint from defense contractor Raytheon Technologies. Financial terms of the deal were not disclosed.

3. Funding - Collaboration Security: Theta Lake, a provider of security and compliance solutions for Cisco Webex, Microsoft Teams, RingCentral, Zoom and more, has raised $12.7 million in Series A funding, bringing the company’s total funding to $20 million. Lightspeed Venture Partners led the round with participation by Cisco Investments, among others.

4. Free Cybersecurity Assessment Tools: Axio has introduced four free cyber risk program assessment tools to examine an organization's cyber posture. Axio360’s free tools include the complete NIST Cybersecurity Framework (NIST CSF), the complete Cybersecurity Capability Maturity Model (C2M2), a wizard-based on-ramp to the C2M2 called C2M2 Quick Launch, and coming soon, a wizard-based on-ramp to the NIST CSF called the NIST CSF Quick Launch, the company says.

5. Penetration Testing - Education and Testing: Offensive Security has launched Evasion Techniques and Breaching Defenses (PEN-300), the company’s newest penetration testing training course. Designed as a successor to the Penetration Testing with Kali Linux (PWK) course, PEN-300 teaches students how to perform advanced attacks against hardened networks.

6. ITSM and Risk Management: ServiceNow has announced new Operational Risk and Resilience capabilities to help organizations address priorities and risk areas such as business continuity, resiliency, data loss, regulations, and cybersecurity.

7. Hacker Steals $24 Million: A hacker has stolen roughly $24 million worth of cryptocurrency assets from decentralized finance (DeFi) service Harvest Finance, a web portal that lets users invest cryptocurrencies and then farm the price variations for small profit yields, Ziff Davis reports.

8. KashmirBlack Botnet: A highly sophisticated botnet is believed to have infected hundreds of thousands of websites by attacking their underlying content management system (CMS) platforms such as WordPress, according to Imperva as reported by ZDnet.

B. MSSP Partner Programs and Strategic Alliances

1. Channel Chief - Endpoint Security: SentinelOne has hired Splunk and Palo Alto Networks veteran Ken Marks as its VP of worldwide channels.

2. Channel Chief - Zero Trust: Axis Security has hired Corelight and Sumo Logic veteran Kimber Garrett as head of channel sales. Garrett is responsible for the company's 100 percent channel model for VARs, system integrators, MSSPs and OEM partners.

3. Distribution - MSP Password Management: BeMSP, integrator and coach for MSPs, has agreed to distribute MYKI password and identity management solutions in France.

4. Partnership - Middle East: eHosting DataFort (eHDF), a cloud hosting provider and MSSP in the UAE, has embraced BlackFog for privacy, security and attack prevention capabilities.

5. Partnership - Breach and Attack Simulation: Cyber Guards, an MSSP and security testing firm, has embraced XM Cyber for breach and attack simulation (BAS) and security posture management services.

6. Integration - Microsoft Azure Sentinel: AttackIQ  now integrates with Microsoft Azure Sentinel. AttackIQ’s Preactive Security Exchange (PSE) also includes such partners as BlackBerry, Cisco, CheckPoint, Illumio, LogRhythm, McAfee, Microsoft, Palo Alto Networks, RSA, SentinelOne, and TrendMicro.

C. MSSP and Cybersecurity Virtual Events and Conferences