Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS), managed detection and response (MDR), and eXtended detection and response (XDR) providers — and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
1. Free Application Risk Assessment: Mend.io, a specialist in application security, has launched a new AppSec Risk Assessment program to help organizations understand and prioritize their application risk. The AppSec Risk Assessment Program, available free of charge, pairs organizations with a Mend.io cybersecurity expert who will scan their applications, evaluate their risk and provide remediation advice.
2. Product Launch: Keeper Security has launched Keeper for Safari, its updated browser extension for Apple users. The new version can be downloaded directly from Apple's App Store and is no longer bundled with Keeper's Desktop App. The Keeper for Safari browser extension will generate strong passwords, autofill logins and protect confidential information
3. Product Testing Results: AV-Comparatives, an organization that conducts rigorous testing of cybersecurity solutions, has announced the completion of its Anti-Tampering Certification Test. Of several products tested, only four successfully passed the evaluation: CrowdStrike Falcon Enterprise, ESET PROTECT Entry, Kaspersky Endpoint Security for Business, and Palo Alto Networks Cortex XDR Prevent.
4. Security Partnership: MedCrypt, a cybersecurity provider for medical device manufacturers, is partnering with Stratigos Security, a company that specializes in penetration testing and independent security assessments. They are offering a suite of third-party assessment and advisory services, with specialized penetration tests for medical device makers to assure the safety and effectiveness of their devices.
5. Cybersecurity Training: CyberSheath is offering free training to defense industry contractors. The company has opened registration for its six-course training program to support contractors as they navigate the complexities of compliance. The curriculum offers resources and explains the policies and laws behind Cybersecurity Maturity Model Certification (CMMC) 2.0.
6. Industry Recognition: SecurityScorecard announced that it has achieved Amazon Web Services (AWS) Level 1 Managed Security Service Provider (MSSP) Competency status. SecurityScorecard is the first software-as-a-service (SaaS) provider to achieve Level 1 status in the Business Continuity and Ransomware Readiness specification category, the company said.
7. Hacker Alert: Chinese hackers are all but certain to disrupt American critical infrastructure, such as pipelines and railways, in the event of a conflict with the United States, a senior U.S. cybersecurity official said this week. Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said Beijing was making major investments in the capability to sabotage U.S. infrastructure. She cautioned that Americans needed to be prepared for the likelihood that Beijing's hackers would dodge their defenses and cause damage in the physical world. (Source: Reuters)
8. Leadership Move: Hoxhunt, a cybersecurity behavior change software specialist, has appointed Petri Kuivala as chief information security officer (CISO) advisor. Kuivala will work closely with the CISOs and security teams of current and prospective customers to understand their human-centered security vulnerabilities and help devise risk mitigation strategies, the company said.
9. Army Contract Award: Aqua Security has won a multi-million-dollar contract with the U.S. Army to provide cloud native application protection platform (CNAPP) security. Aqua Security will provide technology and services that will enable the Army to expand its cloud, implement zero trust architecture and enable secure, rapid software development.
10. Cybersecurity Terminology Guide Released: (ISC)², the world's largest nonprofit association of certified cybersecurity professionals, and the Chartered Institute of Information Security (CIISec) have released a new guide to inclusive language in cybersecurity. The guide offers an alternative vocabulary and general language guidance for cybersecurity professionals.
11. Contract Award: Alpha Omega and partner Dynamo Technologies have been awarded a five-year, $70 million contract with the U.S. Department of Agriculture (USDA) Office of the Chief Information Office (OCIO) Information Security Center Program and Security Management (ISC) to provide mission-critical cybersecurity operations support across USDA agencies.
Annual In-Person MSSP and Cybersecurity Conferences
- The Official Cyber Security Summit Series (Multiple dates and locations)
- 2023 International Cybersecurity Championship and Conference (IC3) (July 31-August 4, 2023, San Diego, California)
- Black Hat (August 5-10, Las Vegas, Nevada)
- Infosec World (September 25-27, Lake Buena Vista, Florida)