Imperva Updates WAAP, SonicWall Confirms 0-Day, & Arista Zero Trust – ESW #215

Adrian Sanabria

1. Mission Secure Announces Series B Venture Funding to Further Advance Its Patented OT Cybersecurity Protection Platform
   This is a surprisingly low number for a Series B, unless you consider that the OT security market is also relatively small when compared to the IT security market.
2. TPG Agrees to Acquire a Majority Stake in Centrify from Thoma Bravo
   Thoma Bravo, well known for turning around some handy 2-3 year profits on many well-known security brands is handing off Centrify to TPG, who is probably best known in recent years for helping Intel divest McAfee and take it public.
3. Akamai Technologies Acquires Inverse Inc., Adds to Zero Trust Security Platform
   Zero Trust? That could mean 50 different things! First off, it's great to see good exits for Montreal-based companies - last year, Montreal-based vuln mgmt startup Delve Labs got picked up by SecureWorks. Interestingly, it looks like Inverse is basically an acqui-hire, but not your typical acqui-hire. It looks like, instead of developing a commercial product, they specialize in creating and maintaining open source products (specifically, Akamai is likely interested in Packetfence here). Instead of making money on commercial software licensing, they get paid to handle all the integration work. This is interesting, because this is likely one of the most common places where product deployments fail and purchases become shelfware. The average customer doesn't have 5 python experts sitting around, waiting to work on the latest SIEM, threat intel or, in this case, NAC.
4. Israeli security startup Bridgecrew in negotiations for sale to Palo Alto Networks for over $100m
   Another CSPM getting acquired here - I guess CSPM wasn't part of one of the four acquisitions that went into Prisma Cloud already? Aporeto was microsegmentation, CloudGenix was SD-WAN, Twistlock was container security and PureSec was serverless security, so yeah, I guess they needed a CSPM acquisition. Also, in researching this story, I discovered that Lacework has an absolutely BRUTAL anti Prisma marketing campaign. It's so aggressive, it's kinda funny.
5. Gartner Forecasts Worldwide Security and Risk Management Spending Growth to Slow but Remain Positive in 2020
   This story is here just as context for the news that Microsoft's security revenue is $10bn annually. With the industry product revenue TAM at ~$60bn, that means Microsoft accounts for one sixth of ALL security product revenue!
6. For Microsoft, Security is a $10 Billion Business
   Huge, if true. If Microsoft's security business is $10bn... that could put them in the number one spot as the largest security company in terms of product revenue, and ignoring the fact that Microsoft Security isn't a separate pure play company. By comparison, Cisco's security business is only doing ~$3bn annually and they've done a TON of security acquisitions in the past decade - SourceFire, OpenDNS, Duo, CloudLock, Threatgrid...
7. U.S. based Rapid7 acquires Israeli cyber startup Alcide.io for $50M
   Another container/Kubernetes-inspired acquisition! They picked up DivvyCloud less than 10 months ago, but from what I can tell, that was more of a broad CSPM play, whereas Alcide seems to be more specifically focused on Kubernetes. We'll probably continue to see Kubes-related acquisitions for a while.
8. Amazon, Alphabet and Salesforce are all investing in a $28 billion company (DataBricks) that crunches big data
   While not a security company, I think we should always have an eye out for big data/data-related companies, as they tend to have an impact on the data-hungry (and alert-fatigued) security space.
9. HelpSystems Acquires Digital Defense to Enhance Cybersecurity Portfolio – Security Boulevard
   HelpSystems, the parent company that also acquired Core Security and Cobalt Strike, picked up Digital Defense. It makes a lot of sense as an acquisition, as (unless I've missed something), Core never had its own scan engine and depended on customers owning other tools to do the actual vulnerability scanning. While many might not know Digital Defense's name, they're a longtime IBM partner, providing the vulnerability scanning engine for QRadar.

Paul Asadoorian

1. Sontiq acquires Cyberscout to expand its cyber products and services to the insurance industry
   "This acquisition unites three best-of-breed products focused on delivering world-class services, as shown in the excellent customer ratings we all have collectively earned." Except, there is no mention (or even a hint) at what all these products ACTUALLY do!
2. IRONSCALES further improves ability to detect advanced and highly targeted phishing attacks
   Okay, but like what does it do? Also important: What does it do that my existing solutions don't do? "Using a democratized approach to threat hunting, IRONSCALES makes anti-phishing effortless and seamless for both security professionals and end users."
3. Arista launches a zero trust security framework for the digital enterprise
   I have no idea what this means, what problem it solves, or why it may be better than anything else: " Arista Multi-Domain Macro-Segmentation Service is a suite of capabilities for integrating security policy with the network through an open and consistent network segmentation approach across network domains."
4. Cymulate Integrates with Microsoft Defender for Endpoint
   I like the honest marketing: "Cymulate, one of the only SaaS-based Continuous Security Validation platform to operationalize the entire MITRE ATT&CK® framework" I'm also a huge fan of testing this way: "Cymulate correlates EDR findings with hacking techniques, behavior-based attacks and malware launched from the Cymulate platform to validate endpoint protection efficacy against new threats and accurate detection and alerts of possible attacks."
5. Tenable Empowers MSSPs to Launch Cloud-Based Vulnerability Management Services within Minutes
   "Tenable®, Inc. announced an enhanced Managed Security Service Provider (MSSP) portal to supercharge partners’ cloud-based vulnerability management offerings with Tenable.io®. The updated portal will enable MSSPs to self-provision and self-service their own Tenable.io instances, up to 1,000 assets, empowering partners to build and launch vulnerability management services in the cloud within minutes."
6. Ping Identity Launches Face-Based Onboarding Solution
7. StackPath Launches Direct Connect
   "StackPath Direct Connect for StackPath content delivery network (CDN), providing dedicated network connections from customers’ private networks to the StackPath edge platform. Traffic from customers’ on-premises origin servers can travel to and from the StackPath CDN without using the public internet." Also, not so sure it does this: "decrease exposure to malicious activity and threats"
8. Barracuda launches high-speed expandable backup platform for Microsoft Office 365
   "Barracuda announced the latest version of Barracuda Cloud-to-Cloud Backup with a new platform that delivers a fast search and restore experience for Office 365 data, including Teams, Exchange Online, SharePoint, and OneDrive. Compared to traditional backup and recovery solutions, a cloud-native solution provides scale and resiliency, fast performance, and wide global coverage to protect Office 365 data born in the cloud."
9. Rapid7 acquires Alcide.IO to extend cloud security
   "these acquisitions will enhance Rapid7’s ability to provide a cloud native security platform to its customers and facilitate continuous management of risk and compliance across their cloud environments...Alcide’s industry leading cloud workload protection platform (CWPP) provides broad, real-time visibility and governance, container runtime and network monitoring, as well as the ability to detect, audit and investigate known and unknown security threats."
10. Imperva updates WAAP and Data Security offerings with emphasis on simplicity
    Sounds like some re-packaging of existing products.
11. SonicWall Confirms Zero-Day Vulnerability
    "SonicWall has confirmed a zero-day vulnerability affecting its SMA 100 Series. Its disclosure arrives as NCC Group researchers report an observation of attacks exploiting a SonicWall flaw." - No details have been published, other than "watch for IPs connecting to the management interface".
12. Arista intros Multi-Domain Macro-Segmentation Service
    "Available on EOS-based switches, MSS-Group implements security policy enforcement based on logical groups rather than traditional approaches based on interfaces, subnets or physical ports. "