I’m sure, like most people reading this blog, the past two-plus years for me were mainly spent in front of my computer, talking with my colleagues, customers, and prospects over Zoom (or your video conferencing provider of choice). So when the opportunity to attend the MSSP Alert Live event in Washington, DC came my way, I hopped […]
MSSP Alert Live Recap Read More »
I’ve worked with dozens of SecOps and Detection and Response teams over the past few years and it has become crystal clear to me how important it is to fix as many security issues as possible upstream. Or as it is more commonly known, “Shift Left Security”. Broadly, I see three camps on “Shift Left Security”
Economics Of Shift Left Security Read More »
In today’s ultra-competitive MSSP market, business owners are looking for ways to make their offerings more attractive to customers and their SOCs more effective. To that end MSSPs add new technology to their security offering stack with the hopes that prospective customers will see this addition as an opportunity to outsource some, or all, of
MSSP Focus: Three ways your SIEM (even NG-SIEM) is hurting your ability to grow Read More »
Here we go again. Just after the world was pulling itself out of the total economic shutdown of the COVID-19 pandemic, the R word looms on the horizon. We’ve seen our everyday lives touched by large scale inflation over the past 6 months. Groceries, Gas, common goods, everything is more expensive than it used to
Advocating for security in a financial storm? Read More »
Recently I wrote a blog about what makes a lean security team tick, however, after I posted, it occurred to me that I probably should have spent a few minutes talking about the different types of security teams we run into and how to determine if you fit into the lean security team category. You
What is a Lean Security Team, and how to know if you are part of one Read More »
For the last several years, MSP partners have been making a tough decision – should I build cybersecurity within my own business or outsource it? Until a few years ago, the manual nature of SOC technology and cybersecurity talent made it very difficult to build your own service. Today there are many new, more robust
Should you build your own or purchase MDR services — Is Open XDR the answer? Read More »
Cybersecurity systems are ripe for disruption. Over the years, individual tools have proliferated, each with its own data format, causing a deluge of disparate data. Also, there is a global shortage of skilled cybersecurity analysts who can evaluate that data (and they are very expensive if you can find them). Finally, and hackers are getting
Cybersecurity Infrastructure Needs a New Model Read More »
For security vendors and those in the XDR market specifically, there is an architectural axis of build vs. integrate. On one end, you have “Build / Acquire Everything” – vendors that are vertically integrated and want to be an enterprise’s entire security stack. On the other end, you have “Integrate with Everything” – vendors that
Technical Approach To Universal EDR Read More »
In detection and response, bidirectional integrations between security products, let alone unidirectional integrations, are not enough. There needs to be true cohesion amongst the entire security stack; otherwise, security operators are left with piles of data and endless API endpoints to figure out how to wire together. This is more important with Endpoint Detection &
Mastering EDR – Industry’s First Universal EDR Read More »
Providing endpoint security for all your customers is a major challenge. First, it is very rare that partners can deploy an entire endpoint security stack. In many cases, there are servers or other endpoints that do not get covered, or you have customers in the middle of contracts with one EDR provider or another and
Build a new Superpower for your MSSP business! Read More »
MSSPs all deal with a crushing number of alerts daily – but how are the most successful partners managing the influx? The MSSP industry has seen a significant increase in attacks on MSP and MSSP partners this year. This has led to several new attacks on everything from RMM tools to applications. We all deal
Tired Of Reactive Strategies? Proactively Stop Attackers Earlier In The Kill Chain! Read More »
Security can be intimidating for MSP partners making the transition to MSSP. The industry makes it sound too complex and capital intensive to cross the chasm. We believe that there are logical, cost-effective steps you can take to get more of your customers to purchase security and provide better profitability. MSP partners have built long-term
Stellar Cyber’s Open XDR – Step into Security Read More »
2022 Predictions By Aimei Wei Initial definitions of XDR envisioned eXtended Detection and Response – a single platform that unified detection and response across the entire security kill chain. According to Rik Turner, who coined the XDR acronym, XDR is “a single, stand-alone solution that offers integrated threat detection and response capabilities.” To meet Omdia’s
Ransomware attacks are occurring at an increasingly staggering pace. The tactics for deploying it are evolving at an equally rapid pace. Ransomware-as-a-service providers on the dark web are using ML to create zero-day strains, and traditional security technologies are struggling to keep up. What if the ransomware attack was only a diversion from the attacker’s
Ransomware is the Tip of the Iceberg—Can Open XDR / XDR avoid you becoming the Titanic? Read More »
Security Event and Information Management platforms (SIEMs) collect data from security logs and in doing so are supposed to identify blind spots, reduce noise and alert fatigue, and simplify detection and response to complex cyberattacks. However, SIEMs have not lived up to these promises. Now, the new idea is XDR – what are its advantages,
SIEM, XDR, and the Evolution of Cybersecurity Infrastructure Read More »
Today there is no shortage of compliance requirements. There are so many, in fact, that there are billions of dollars spent every year on tools and audits. These regulations have the right goal in mind: protect companies, their intellectual property and their customers. Unfortunately, by the time these laws make it through the government process
Cybersecurity Must Evolve Beyond Compliance: Is Open XDR the Answer? Read More »
Many MSSP’s use SIEMs and other log management/aggregation/analysis solutions for cybersecurity visibility, but is log analysis enough? We’re hearing more and more about holistic security solutions like XDR platforms that claim to cover the entire attack surface, especially because the latest pipeline attack reinforced the compound nature of today’s sophisticated multi-stage cyberattacks. The attackers admitted
The Pipeline Attack – Is Log Analysis Enough for Cybersecurity? Read More »
The current model for cybersecurity is broken. It consists of acquiring and deploying a lot of stand-alone tools, each with its own console, to analyze logs or traffic and detect anomalies that could be threats. In this model, it’s up to each security analyst to communicate with other analysts to determine whether each tool’s individual
The Case for Open XDR – X Means Everything Read More »
