Each business day, MSSP Alert delivers this quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR), eXtended Detection and Response (XDR), threat hunters and MSP security providers — and those who need to partner with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to:
Thank you in advance for news tips.
A. Today’s MSSP, MDR, XDR and Cybersecurity Market News
1. Application Security: Security Compass has released SD Elements 2022.3, which "offers new capabilities that make it easier for software developers to identify software application security threats and exactly where to implement countermeasures to mitigate the risks," the company said.
2. U.S. Railroad Security: The Transportation Security Administration (TSA) announced a new cybersecurity security directive regulating designated passenger and freight railroad carriers.
3. Partnership - Cybersecurity Funding: Banco Santander and Forgepoint Capital have inked an alliance to "drive cybersecurity investment and innovation globally," the two companies said. The alliance spans three initiatives:
- Creating Forgepoint Capital International (FPCI), a new venture capital management company to invest in cybersecurity startups mainly in Europe, Latin America and Israel;
- Santander's participation in Forgepoint's next North American fund, its third since its founding in 2015, and
- a program for select co-investments.
Altogether, these three initiatives could reach an investment by Santander of up to €300 million.
4. Government Cyber Contact: CounterCraft has been awarded a sole-source cybersecurity contract from the U.S. government, with a ceiling of more than $26 million.
5. Partnership - Incident Response: Revelstoke and BreachRx have partnered to "unify automated incident response and compliance capabilities" with the Revelstoke next-generation enterprise Security Orchestration, Automation, and Response (SOAR) platform.
6. Integrations - MDR. Part One: Sophos has launched new third-party security technology compatibilities with Sophos Managed Detection and Response (MDR) to "better detect and remediate attacks with speed and precision across diverse customer and operating environments." The MDR service, which has more than 12,000 customers, now integrates telemetry from third-party endpoint, firewall, cloud, identity, email, and other security technologies as part of the Sophos Adaptive Cybersecurity Ecosystem, the company said.
8. Talent - Automated SaaS Security: DoControl has hired Contrast Security veteran John Chester as VP of sales.
9. Agentless API and Cloud Security: New Orca Security capabilities provide a "full inventory of external APIs, API security posture, and API drift detection, allowing security teams to identify, prioritize, and address API-related risks and misconfigurations across cloud environments," the company said.
10. Compliance - Government Cybersecurity: The Skyhigh Cloud Access Security Broker (CASB) technology has achieved the Department of Defense’s (DoD’s) Provisional Authorization to Operate (P-ATO) at Impact Level 5 (IL5).
11. Network Detection and Response (NDR) for AWS: Corelight has introduced Corelight Cloud Sensor SaaS for AWS -- which allows security teams to "achieve uniform network visibility for incident response and threat hunting capabilities to cloud environments without the burden of having to set up and manage the monitoring infrastructure themselves," the company said.
B. Annual In-Person MSSP and Cybersecurity Conferences
- Claroty Nexus 2022 IoT Cybersecurity Conference (October 25-26, Miami Beach, Florida)
- BlackBerry Security Summit 2022 (October 26-28, In-person and Virtual)
- Forrester Security and Risk Conference 2022 (November 8-9, Washington, D.C.)
- Okta Oktane 2022 IAM Security Conference (November 8-10, San Francisco)
- Palo Alto Networks Ignite 22 Cybersecurity Conference (December 12-15, Las Vegas)