Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the daily business update for Wednesday, November 28, 2018.
14. Firewalls: The Sophos XG Firewall now includes lateral movement protection to prevent targeted, manual cyberattacks or exploits from infiltrating further into a compromised network, the company says.
13. Botnet Justice: Symantec has assisted an FBI-led law enforcement takedown of cyber criminal rings responsible for a global ad-fraud botnet, resulting in the arrest of three individuals, five additional indictments, and the seizure of infrastructure associated with the 3ve ad-fraud scam, the security firm asserts.
12. Managed Detection and Response (MDR): GLESEC has launched a Managed End Point Incident Response Service (MSS-EDR) as the newest offering of the Seven Element Cyber Security Model (7eCSM™). The new service is based on advanced detection and response technology combined with around-the-clock services to identify intruders and malicious software, and to protect endpoints and servers across an enterprise from compromise, the company says.
11. Huawei Rejected: New Zealand’s intelligence agency has rejected the telecom industry’s first request in the country to use 5G equipment provided by China’s Huawei Technologies, citing concerns about national security, Reuters notes. The U.S., meanwhile, allegedly has been pressuring international allies to avoid Huawei's technology. Huawei has repeatedly stated that the national security concerns are unfounded.
10. Healthcare Data Breach: Atrium Health, previously Carolinas HealthCare System, said on Tuesday that data of about 2.65 million patients, including addresses, dates of birth and Social Security numbers, may have been compromised in a breach at its third-party provider AccuDoc Solutions, Reuters says.
9. Kaspersky Lab Revenues: Kaspersky's European revenues will grow about 10 percent in 2018 vs. 2017, with 139 banks ranking among the company's key customers, according to UrduPoint. The report did not predict revenues for North America, which have been under pressure ever since the U.S. government banned Kaspersky's software from federal networks. The government claims Kaspersky may have ties to Russia's government. The software company has repeatedly denied the claims.
8. Partnership - SOAR: SCADAfence and Demisto are partnering to integrate SCADAfence's Continuous Network Monitoring (CNM) solution with Demisto's Enterprise platform. The partnership enables industrial organizations to "respond to the ever-increasing threats that spread from IT to OT networks," the companies claim.
7. Partner Program: Ayehu, provider of an AI-powered IT and security automation and orchestration platform, has launched a Global Partner Program for Managed Service Providers, OEM partners and Systems Integrators. Key partners include Cognizant, Capgemini and Everbridge, among others.
6. Partnership: Threat Intelligence Gateway (TIG) specialist Bandura Cyber has inked a strategic partnership with Castra Consulting Managed Services. Castra's mSIEM services are now integrated with Bandura TIG, and Castra has joined the Bandura Cyber Channel Program. Customers gain increased network visibility based on threat intelligence, and users can integrate threat intelligence with mSIEM, adding orchestration and automated response, the companies say.
5. Talent - MSSP Leadership: Nuspire, a Top 100 MSSP for 2018, has promoted Dan Hoban to chief strategy officer. Hoban is now responsible for security research, education, advocacy, solution innovation, design, and helping customers from around the world remain secure.
4. IBM Watson: IBM Security has upgraded QRadar Advisor with Watson. The platform now features knowledge of cybercriminal behavior, and learns from security response activities within an organization. IBM Security also is embracing the open-source MITRE ATT&CK framework, a playbook to help analysts understand how an attack has evolved and what might happen next based on real-world observations from the security community, the company says.
3. AWS Container Security: Multiple security companies announced support for Amazon's new AWS Marketplace for Containers. They include:
- Alert Logic's threat management offering has achieved AWS Container Competency status. Alert Logic Network Intrusion Detection System (IDS) and log management for containers allows for real-time detection of known and unknown exploits that target applications running in containers on Docker, Kubernetes, and more, the company says.
- Aqua Security has achieved AWS Container Competency status. Early adopters include SOAR provider Demisto, which uses Aqua to secure its AWS containerized applications.
- Qualys has launched a container security solution on the new AWS Marketplace for Containers. Customers can now gain visibility and security of containerized applications running on AWS, Qualys claims.
- Sysdig Secure and Sysdig Monitor are a part of the newly launched AWS Marketplace for Containers.
2. Top 10 Security Lists for 2019: We’re rolling out multiple Top 10 lists to help you strengthen your security posture for customers in 2019. The lists so far include…
1. MSSP Pricing Guide: We’ll share managed security pricing tips during our December webcast. Register now to join us.