RSA Conference 2019 and MSSP Cybersecurity News: 04 March 2019Joe Panettieri
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem. But this week, we're blogging live from RSA Conference 2019 in San Francisco. Several of the updates below surfaced at the massive security event. Here’s the daily business update for Monday, March 4, 2019. 18. Mobile Endpoint Detection & Response (EDR): CrowdStrike has unveiled CrowdStrike Falcon for Mobile, an EDR solution for mobile devices. The software providers visibility into malicious, unwanted, or accidental access to sensitive corporate data, while protecting user privacy and without impacting device performance, CrowdStrike asserts. 17. Data Loss Prevention: Teramind announced the availability of its privacy-friendly software solutions to assist organizations to comply with data privacy requirements while implementing employee monitoring for insider threat detection and DLP, the company says. 16. Marriott Data Breach Price Tag: The Starwood Hotels data breach, disclosed in November 2018, has so far cost new parent Marriott and its insurer $28 million in combined cleanup fees, according to an earnings release from the company. 15. North Korea Hacker Activities: McAfee has revealed evidence that the Operation Sharpshooter campaign exposed in 2018 is more extensive in complexity, scope and duration of operations. The hacking group Lazarus, with alleged ties to North Korea, runs the campaign, McAfee asserts. 14. Ransomware Attack: The Park Rapids Area Schools of Park Rapids, Minnesota, have suffered a ransomware attack. We're checking for more details. 13. Data Breach Responses: More than a third of companies are still unprepared to respond to a data breach, according to Experian's latest annual research results. 12. Partner Program: Virtru, a data protection platform provider, has launched the Virtru Velocity Partner Program for VARs and VADs. 11. Penetration Testing - AWS Policy: Amazon will no longer require security pros running penetration tests on their cloud-based apps to get AWS's permission first for such tests, GeekWire reports. Continue to page two of two for today's items 10 to 1. Welcome to page two of two. Here are items 10 to 1. 10. Penetration Testing Security Bug: A recently addressed vulnerability in the Cobalt Strike penetration testing platform could be exploited to identify attacker servers, Fox-IT security researchers reveal, as reported by TechBizWeb. 9. Cloud & Network Visibility: FireMon has unveiled Lumeta CloudVisibility, which offers cloud visibility, security and anomaly detection for hybrid enterprises, the company claims. 8. Threat Vulnerability Prioritization: NopSec has launched the NopSec ActiveCheck module to enhance threat vulnerability prioritization and to enable advanced security control validations for enterprises, the company says. 7. Threat Hunting: ReversingLabs, a provider of enterprise-scale file analysis, threat hunting, and malware intelligence solutions, has announced platform enhancements that deliver improved identification, searching and contextual understanding of advanced malware attacks that have bypassed defenses and entered enterprise networks, the company claims. 6. Threat Detection - Cross-Platform Service: SafeGuard Cyber has launched a cross-channel cyber threat detection system that spans social media, enterprise apps, deep web, and dark web information sources. 5. M&A - Network Detection and Response: Verizon has acquired ProtectWise for cloud-based network detection and response (NDR) services. Financial terms were not disclosed. 4. Funding - Cyber Training Platform: KnowBe4, a Top 10 provider of cybersecurity awareness training and simulated phishing software, has received a minority investment that values the company at $800 million. 3. SOAR for MSSPs: DFLabs, a provider of Security Orchestration, Automation and Response (SOAR) software, has unveiled a new version of its DFLabs IncMan SOAR platform. The upgrade is specifically designed for MSSPs and Managed Detection and Response (MDR) service providers. MSSPs and MDR organizations can centrally perform one-to-many operations across multiple customer environments regardless of the security products deployed at each location, the company claims. 2. RSA Conference 2019 Meetings & News Updates: Track them all here. 1. MSSP Alert Webcasts 2019: Our schedule is posted here. Register now to join us.