Zombie APIs, Morphisec IR Service, “New Product Jeopardy”, & Risk Scoring – ESW #238
This week in the Enterprise News: Latent AI, Optiv Security Launches Next-Gen Managed XDR, An Intriguing Update to Mandiant Advantage, ReversingLabs raises $56M to combat software supply chain, Morphisec Announces New Incident Response Services, & more!
Announcements
CyberRisk Alliance, in partnership with InfraGard, has launched the Critical Infrastructure Resilience Benchmark study. Measure your readiness for ransomware by completing the survey and getting your score. Visit https://securityweekly.com/CIRB to take the survey
SC Media debuts its all-new SC digital experience, fully integrated with Security Weekly podcast content and more. The new site increases the scope and scale of original content resources from editorial staff, contributors, and the far-reaching CyberRisk Alliance network. Visit www.scmagazine.com to check out the new look!
Hosts
- 1. FUNDING: ReversingLabs raises $56M to combat software supply chain attacksThis is a $56m series B led by Crosspoint, with Prelude and ForgePoint participating. The total raised is $81m. The aim is to spend this on sales and marketing to expand global reach (a pretty typical Series B/C goal). Interestingly, they're Cambridge-based and have been around since 2009. They got an investment from In-Q-Tel in 2011, but nothing after that until their Series A in 2017. This suggests they must have been fairly bootstrapped and self-sufficient but then decided to take funding and scale, or just have eyes on an exit. ReversingLabs is best known for scanning files for threats, from many different sources, at a massive scale.
- 2. Latent AI, which says it can compress common AI models by 10x, lands some key backing – TechCrunchThis isn't directly cybersecurity-related, but with so much ML in use in our market - smaller ML models could open up new use cases, especially on endpoints. Also notable is Google's upcoming Pixel 6 having more on-device hardware assistance with ML. Could we see more dynamic ML models on-device in the near future if this trend spreads to laptops?
- 3. Introducing the Allstar GitHub App – Open Source Security FoundationBasically taking the guardrail approach we see a lot of CSPM vendors tackling (DisruptOps, for example), but open source in this case.
- 4. NortonLifeLock and Avast to Merge to Lead the Transformation of Consumer Cyber Safety10 or even 5 years ago, this might be huge news, but it seems like this is less about dominance in 2021 and more about survival, as the market share for traditional AV companies continues to wane. According to OPSWAT's monthly market share reports (which does have a limited sample size, so take with a grain of salt), AVAST was tops back in 2017, McAfee took the top spot in 2019 as Symantec was going through changes and splitting up into NortonLifeLock, with the rest of the company going to Broadcom (I'm assuming the also recently-acquired Computer Associates would absorb the Symantec assets and staff). These days, Symantec and AVAST seem to have almost equal market share, which combined is only about 26%. But that's 26% of what OPSWAT can SEE, and they have a few HUGE blind spots: Microsoft and all the NGAV companies (SentinelOne, Blackberry Cylance, Carbon Black, Crowdstrike, etc.).
- 5. ACQUISITION: An Intriguing Update to Mandiant AdvantageNo deal size reported, but very exciting! This is the third Attack Surface Management vendor acquired (after Expanse and RiskIQ) and won't be the last.
