MSSP Market News: ManageEngine Adds AI Enhancements to PAM

OpenText recently released its 2025 Threat Report, unveiling the latest tactics used by threat actors and what security teams, MSSPs, and end users can do to protect themselves.

Check it out here, but to summarize, some of the top findings include:

Malware infections targeting businesses jumped 28% year-over-year, the highest rate since 2020.

Eastern and Central Europe emerged as malware infection hotspots, with a rise in politically motivated attacks tied to the ongoing Russia-Ukraine conflict.

Phishing campaigns are becoming more sophisticated, with threat actors leveraging over 170 million instances of Living Off the Land tactics.

Google APIs, Amazon AWS, and Cloudflare IPFS were among the most highly abused services.

And, of course, AI is playing a major role on both sides of the battle, the OpenText report found. While organizations explore generative AI for productivity and efficiency and are using AI-enabled cybersecurity tools, cybercriminals use it for precision attacks. From deepfake-powered social engineering to AI-optimized malware development, we’re now in an arms race where speed, scale, and believability are the currency of compromise. AI is no longer emerging in the threat landscape; it’s embedded.

Now, here's today's MSSP update. Drop me a line at [email protected] if you have news to share or want to say hi!

Today's MSSP Update

1. ManageEngine adds AI features to PAM: Enterprise IT management firm ManageEngine, a division of Zoho Corporation, this week added AI-powered enhancements to its privileged access management platform, PAM360. In addition, ManageEngine added a new privileged task automation module enabled by Qntrl, Zoho’s unified workflow orchestration platform. These capabilities should help enterprises automate enterprise-wide administrative routines, enforce least privilege at scale and reduce security risks through automated remediation.

2. Duna raises $12.1 million for business identity verification: Dutch startup Duna, a business identity platform founded by two Stripe veterans, announced this week it has raised $12.1 million in seed funding. The idea behind Duna is to create a “shareable business identity” network. Duna’s funding comes as FinTech firms are struggling to strengthen their fraud prevention and identity verification to protect their operations and their customers, as a recent PYMNTS Intelligence report shows.

3. Ox Security raises $60M Series B to scan AI-generated code: Ox Security has closed a $60 million Series B this week, the company said. The round was led by DTCP with participation from IBM Ventures, Microsoft, Swisscom Ventures, Evolution Equity Partners, and Team8, and it brings Ox’s total raised to $94 million. Neatsun Ziv and Lior Arzi, both formerly of Check Point, founded Ox in 2021. Ox’s platform is aimed at both security teams and developers and scans code in applications to secure a company’s software supply chain. Ox can model threats and even recommend fixes, assist with code reviews, and generate executive reports that highlight breaches and explain why they happened.

4. Outpost24 enhancements to risk protection modules: Outpost24 this week announced the integration of two new Digital Risk Protection (DRP) modules to its External Attack Surface Management (EASM) platform. The Social Media and Data Leakage modules are now offered alongside the Leaked Credentials and Dark Web modules to enable visibility over the entire attack surface. These modules help companies respond more quickly to social media threats, detect leaked documents and source code before they become a problem, and protect reputations from leaks and breaches.