Each business day, MSSP Alert delivers this quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR), eXtended Detection and Response (XDR), threat hunters and MSP security providers — and those who need to partner with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to:
- Managing Editor [email protected]; and
- Executive VP and Editorial Director [email protected].
Thank you in advance for news tips.
A. Today’s MSSP, MDR, XDR and Cybersecurity Market News
1. U.S. Federal Network Security: The CISA has issued Binding Operational Directive (BOD) 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks, which seeks improve asset visibility and vulnerability enumeration across the federal enterprise.
2. Partnership - Attack Surface Management: Veristor Systems and Randori, an IBM company, have partnered to help customers tackle growing attack surface risks. The effort involves a unified platform for attack surface management (ASM) and continuous automated red teaming (CART).
3. Partnership - Security Ratings: HCLTech and SecurityScorecard have partnered to offer "combined solutions that provide a holistic approach to security management, improving customers’ ability to see, resolve and communicate risk more effectively," the two companies said.
4. Identity and Access Management (IAM) - Part One: One Identity released Safeguard for Privileged Passwords 7.0 LTS and Identity Manager 9.0 LTS to f"urther bolster its unified identity security platform." The updates also integrate with OneLogin features.
5. Identity and Access Management (IAM) - Part Two: A Saviynt Enterprise Identity Cloud (EIC) update addresses key areas of identity governance, cloud privileged access management (CPAM) and identity analytics to help organizations embrace Zero Trust principles, the company said.
6. Apple Device Security: Kandji has launched a Device Harmony platform to address Apple Device Management, Vulnerability Management, Endpoint Detection and Response, Endpoint Visibility, and Endpoint Compliance.
7. Security Operations Platform: LogRhythm has unveiled LogRhythm Axon, a new cloud-native security operations platform.
8. Exposure Management: Tenable has launched Tenable One, an exposure management platform that supports:
- Lumin Exposure View - provides clear and concise insights into an organization’s cyber exposure, giving security teams the ability to surface and accurately answer critical questions about security posture
- Attack Path Analysis (APA) - enables security teams
- Asset Inventory - provides users with a centralized view of all assets, including IT, cloud, Active Directory and Web applications, with the ability to create specific asset tags from a variety of sources and use cases
9. Funding - Threat Informed Defense Software: Tidal Cyber has raised $4 million in funding led by Ultratech Capital Partners.
10. Research: The exploitation in remote services accounted for 52% of ransomware incidents over the past year, Secureworks research indicated.
B. Annual In-Person MSSP and Cybersecurity Conferences
- Mandiant mWise Cybersecurity Conference (October 18-20, Washington, D.C.)
- Claroty Nexus 2022 IoT Cybersecurity Conference (October 25-26, Miami Beach, Florida)
- Okta Oktane 2022 IAM Security Conference (November 8-10, San Francisco)
- Palo Alto Networks Ingnite22 (December 12-15, Las Vegas)
- Right of Boom 2023 (February 22-24, Texas)
