Managed Security Services Provider (MSSP) Market News: 7 November 2023

Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.

Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News

1. Product Launch: ThreatX, an API and application protection platform provider, has unveiled new capabilities for its Runtime API and Application Protection (RAAP) solution. The ThreatX RAAP solution is designed to protect against runtime threats in real-time within Kubernetes (K8) environments.

2. Funding Round: Myrror Security, an in application security specialist, has launched with $6 million in seed funding from Blumberg Capital and Entrée Capital to secure enterprises’ software development lifecycle process. The funds will enable the company to expand its product and scale its go-to-market distribution channels.

3. Product Launch: AttackIQ, an independent vendor of breach and attack simulation (BAS) solutions and founding research partner of MITRE Engenuity’s Center for Threat-Informed Defense (CTID), has announced new innovations for AttackIQ Flex to lower the barriers to security control validation. AttackIQ now offers a free access plan to Flex and advanced, enterprise-grade attack adversarial emulations made possible through industry-leading packet capture replay technology.

4. Security Partnership: MITRE and Microsoft have added a data-driven generative AI focus to MITRE ATLAS, a community knowledge base that security professionals and AI developers and operators can use as they protect AI-enabled systems. This new framework update and associated new case studies directly address unique vulnerabilities of systems that incorporate generative AI and large language models (LLM) like ChatGPT and Bard.

5. Deal Maker: Rockwell Automation, an industrial automation and digital transformation company, has completed its acquisition of Verve Industrial Protection, an asset inventory system and vulnerability management solution provider. This acquisition will expand Rockwell’s cybersecurity offerings and help build resiliency and security of customers’ operations.

6. Leadership Move: SpyCloud, a specialist in cybercrime analytics, has named Bill Cull as its new vice president of Federal. In this role, Cull will lead the strategic expansion of SpyCloud's federal offerings for defense, civilian agencies and national security. He previously held federal leadership positions at IBM, Oracle, Splunk and Palo Alto Networks.

7. Product Launch: Sumo Logic has announced the availability of its HELM Chart V4 feature to fully unify data collection as part of its continued commitment to OpenTelemetry (OTel). Organizations can now package, configure and deploy applications and services on Kubernetes clusters with OpenTelemetry as a default to simplify the collection of metrics, events, logs and traces. Sumo Logic HELM Chart V4 removes dependencies on disparate third-party solutions like Fluentbit, Fluentd and Prometheus to reduce data collection complexity and cost.

8. Malware Alert: A new dropper-as-a-service (DaaS) cybercrime operation named "SecuriDropper" has emerged, using a method that bypasses the "Restricted Settings" feature in Android to install malware on devices and obtain access to Accessibility Services. (Source: Bleeping Computer)

9. Hacking in Hawaii: Cybercriminals are targeting Hawaii’s most vulnerable residents with an attack on the state’s nutritional and financial assistance programs. Hundreds of people have had their accounts emptied or hit with fraudulent purchases. The fraud led to a steady stream of people showing up at the Iwilei benefits center. Several reported they either had their card denied when they tried to buy food or discovered suspicious transactions on their statements. (Source: Hawaii News Now)