MSSP Market News: MSSPs can’t trust old threat feeds

All security teams know this. Attackers are moving faster than the tools built to stop them. Palo Alto’s new Unit 42 report, Attackers Are Evading Threat Prevention at the Internet Edge, says attackers are finding new ways around traditional network defenses as well. They are moving faster, changing infrastructure more often, and hiding activity before older tools have enough signal to stop them. One of the core data points the report highlights is: 23% of modern malware sends traffic directly to IP addresses, bypassing traditional web and DNS inspection.

That is a big problem because many MDR and SOC workflows still depend on threat feeds, content inspection, and alerts that were built for a slower threat environment. Unit 42 found that new threats take an average of 20 days to show up in popular IP feeds. It also found that 52% of malicious IPs used for direct-to-IP connections are not in those feeds at all. This is a serious gap for security teams and MSSPs. Customers expect them to stop threats earlier, reduce noise, and prevent incidents from turning into bigger response problems. Real-time visibility at the network layer is now a baseline. Content inspection, DNS security, and SOC processes are no longer enough on their own if attackers can avoid inspection and rotate infrastructure quickly.

Market Pulse: Cybersecurity Deals, Funding, and Platform Shifts

Recorded Future partners with Wipro for managed threat intelligence: Recorded Future has announced a strategic partnership with Wipro to launch a Managed Threat Intelligence and Brand Monitoring service under Wipro’s MSSP portfolio. The offering will combine Recorded Future’s AI-driven threat intelligence with Wipro’s CyberShield solutions to help enterprises embed contextual intelligence into security operations, threat hunting and digital risk protection workflows. The companies said the partnership is designed to help global enterprises move faster from detection to decision to response by connecting cyber risk, technology, geopolitical and business signals in one managed intelligence model. Wipro will take the joint offering to market globally and also use the Recorded Future platform internally to help protect its own digital footprint.

Valiant Solutions acquires BreakPoint Labs: Valiant Solutions has acquired BreakPoint Labs to expand its cybersecurity capabilities for federal and national security customers. BreakPoint Labs brings expertise in AI-enabled cyber operations, adversarial threat emulation, red team operations, modern DevSecOps and software-enabled mission support. The deal is Valiant’s second strategic acquisition in six months and broadens its work across operational technology security, advanced penetration testing, threat analytics, software factory enablement and agentic cybersecurity workflow automation. The combined company will focus on delivering advanced cyber operations, automation and security engineering for high-consequence government environments and critical national security missions.

Arpio has raised $15 million in Series A: Arpio has raised $15 million in Series A funding to expand its AI-native recovery and resilience platform for cloud environments. The round was co-led by S3 Ventures and Paladin Capital Group, with participation from Draper Associates, Uncorrelated, Valor Ventures, CreativeCo Capital and Lookout Ventures. Arpio said the funding will help deepen its recovery capabilities across AWS and Microsoft Azure, expand support for Google Cloud and other AI-native services, and advance its broader cloud resilience roadmap. The platform is built to help enterprises automate disaster recovery, restore cloud workloads after ransomware, outages or infrastructure failures, and validate recovery plans through automated failover testing before incidents happen.

Have news to share or just want to connect? Reach anytime at [email protected].