Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
But this week, we’re blogging live from RSA Conference 2019 in San Francisco. Several of the updates below surfaced at the massive security event.
Here’s the daily business update for Wednesday, March 6, 2019.
24. NSA Changes Direction?: The National Security Agency has stopped using a surveillance program in recent months that relied on bulk data collected from US domestic phone records, according to a Republican congressional official, CNN reports.
23. Apple Security Patents: Apple has acquired security patents from LightHouse. The move may signal a deeper Apple push into home security solutions.
22. Commercial Real Estate Security: Blackpoint Cyber and Colliers International are partnering to provide cybersecurity as a managed service for commercial real estate.
21. Talent: CyberArk has hired Palo Alto Networks veteran Rich Wenning as vice president of North American sales and Nuance Communications veteran Clarence Hinton as senior vice president of corporate development.
20. Penetration Testing - Part One: Tripwire has launched penetration testing and industrial cybersecurity assessment services.
19. Penetration Testing - Part Two: CompTIA and Immersive Labs today launched a pen test challenge that apparently will run throughout March 2019.
18. Threat Hunting: Fidelis Cybersecurity has released a Fidelis Elevate platform upgrade that allows organizations to collect network and endpoint metadata. The resulting context provides real-time and retrospective analysis for detection, threat hunting, and response across on-premise, cloud and hybrid environments, the company says.
17. Endpoint Protection: Alert Logic has added extended endpoint protection capabilities to its cyber platform. The latest enhancements include:
- anti-virus integration
- log collection and search for Office 365
- Microsoft Azure Event Hubs integration
- user behavior anomaly detection for Amazon Web Services (AWS) environments; and
- dark web scanning.
Alert Logic's goal: Help customers to gain enhanced visibility across environments and workloads, without requiring those customers to purchase a SIEM tool.
16. Research: Sophos has released a range of research and findings, including:
- Survey: Cybercriminals Most Likely to be Caught on Servers and Networks, but Detecting Their Time and Point of Entry Remains a Mystery
- SophosLabs Research: GandCrab 101: All about the most widely distributed ransomware of the moment
- SophosLabs Research: Emotet 101 - part 1, part 2, part 3, part 4, part 5
15. Endpoint Behavioral Analytics: BlackBerry Cylance has unveiled CylancePERSONA, a proactive endpoint behavioral analytics solution. It combines continuous biometric behavior and user conduct monitoring designed to identify suspicious users in real-time to prevent compromises, the company says.
14. Partnership: AttackIQ and BlackBerry Cylance are partnering to ensure customers can validate that their endpoint security solutions are deployed correctly and configured optimally.
13. SIEM Part One: RSA has upgraded RSA NetWitness, a SIEM platform that features enhanced machine learning models to detect anomalies in user behavior and uncover evolving threats.
12. SIEM Part Two: ManageEngine has introduced user and entity behavior analytics (UEBA) into its SIEM solution, Log360. With score-based risk assessment, threat corroboration, anomaly detection powered by machine learning, and other new capabilities, the Log360 UEBA add-on helps security professionals identify, qualify, and investigate internal threats and anomalies, the company says.
11. Distribution - Breach Detection & Response: Exclusive Networks has partnered with Guardicore to help customers improve micro-segmentation, and real-time breach detection and response capabilities across North America.
10. Distribution - SOC as a Service: Ingram Micro has agreed to distribute Digital Hands, a managed security services provider (MSSP) and SOC-as-a-Service provider. Ingram has a similar relationship with Arctic Wolf Networks.
9. SOC Pricing: ThreatConnect has introduced new pricing for a SOC platform that supports threat intelligence, incident response, security operations, and security leadership teams. The twist? We don't have the figures. So check in directly with the company for pricing details.
8. SOC Evolution - Stating the Obvious: The SOC market is shifting toward threat detection and response, Gartner says.
7. Small Business Cybersecurity: NIST has launched a Small Business Cybersecurity website to help SMBs mitigate their business risk.
6. Top 100 MSSP - Risk Mitigation: Optiv Security, a Top 100 MSSP, has launched a Risk Transformation Service, an end-to-end solution that extends from risk assessments to strategy execution.
5. Top 100 MSSP - SOAR: Secureworks, a Top 100 MSSP, has launched an Orchestration and Automation solution to help organizations reduce their cybersecurity operations workload.
4. Top 100 MSSP - Trustwave Momentum: Trustwave points to several recent "momentum" oriented developments -- including:
- A Cybereason partnership for MDR.
- Acquiring Hivint to boost security and compliance offerings in Australia and throughout Asia Pacific.
- Upgrading its secure email gateway.
- Enhancing SpiderLabs Managed Security Testing.
- Expanding its cybersecurity training services.
3. M&A - Private Equity and MSSPs: Southfield Capital has invested in Protos Security, an MSSP. We'll share more details soon.
2. RSA Conference 2019 Meetings & News Updates: Track them all here.
1. MSSP Alert Webcasts 2019: Our schedule is posted here. Register now to join us.