MSSP, Content, Security Program Controls/Technologies

Master MSSP Solutions Granted, Coda Intelligence Ink Partnership

Solutions Granted, a Top 250 MSSP and master MSSP, has integrated Coda Intelligence vulnerability management capabilities into its portfolio. In doing so, Solutions Granted customers and partners can use the Coda Footprint platform for counter-threat intelligence, red teaming and continuous vulnerability management, according to a prepared statement.

Coda Footprint identifies and prioritizes cyberattack kill chains, Coda indicated. It leverages machine learning algorithms to score vulnerabilities and build contextual risk scores.

Furthermore, Coda Footprint leverages the National Institute of Standards and Technology (NIST) common vulnerabilities and exposures (CVE) database to help organizations identify vulnerabilities across Windows endpoints, Coda VP of Threat Operations Cory Clark noted. If vulnerabilities are discovered, Coda Footprint ensures organizations' endpoints are properly secured.

Coda Offers Free Access to Log4J Detection Engines to MSSPs, MSP

Along with partnering with Solutions Granted, Coda is providing free access to its Log4J detection engines to MSSPs and MSPs. That way, MSSPs and MSPs can use these engines to accelerate Log4Shell vulnerability detection and remediation, the company said.

Coda's Log4J detection engines can detect vulnerable Log4J components deployed in IT environments, the company noted. They leverage agentless scanners that trigger neutralized payloads to identify vulnerable Log4J components.

Furthermore, the detection engines allow organizations to find out if a Java package is vulnerable to Log4Shell, Coda indicated. To do so, organizations can upload .jar, .war or .ear files and have them checked against Log4J and determine if vulnerable versions of Apache software are present.

Details emerged about the Apache Log4J software vulnerability in December 2021. The Cybersecurity and Infrastructure Security Agency (CISA) has called Log4J a "severe risk" and offered guidance to patch the vulnerability and address Log4Shell attacks. In addition, Cybereason and other cybersecurity companies have released Log4J fixes.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.