Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

NCircle Debuts MSSP

NCircle announced today the debut of its Managed Security Service Provider (MSSP) Program

SAN FRANCISCO -- NCircle, the leading provider of enterprise-class vulnerability and risk management solutions, announced today the debut of its Managed Security Service Provider (MSSP) Program. nCircle vulnerability and risk management solutions - employed by many of the world's largest corporations and government agencies - are now available for integration and delivery in a Managed Security Services solution. The program offers proven technology in a variety of flexible and adaptable configurations to address the demands of a wide range of market segments. NCircle solutions deliver continuous endpoint and network intelligence that serves as the foundation for a balanced security ecosystem as well as policy and regulatory compliance. With nCircle, Managed Security Service providers can enable their customers to:

  • Measure network security risk and compliance using objective metrics
  • Manage network security risk and compliance through dashboard reporting and integration with existing enterprise systems
  • Reduce network security risk and achieve compliance cost effectively by focusing IT resources where they are needed most

Simple vulnerability scanning provided by many MSSPs is no longer a viable competitive solution for customers tasked with measuring, managing and reducing all forms of network security risk. NCircle's advanced security risk management solutions arm MSSP partners with the tools to offer customers a comprehensive solution to risk management that includes all forms of risk --vulnerability, application, network topology, configuration, and policy risk.

NCircle has made significant technology investments to ensure its solutions provide the best possible support for MSSP partners. MSSP partners also benefit from nCircle's investment in the industry's largest and most productive Vulnerability and Exposure Research Team (VERT) -currently providing coverage for over 9,000 distinct operating systems, applications, and vulnerabilities; comprehensive integration flexibility through nCircle's service-oriented architecture and API; and continued innovations like the recently announced nCircle Focus, which breaks from the traditional reporting paradigm to offer security analysts instant and unparalleled insight into risks on their networks.

The nCircle MSSP Program has been designed to deliver maximum flexibility and consists of:

  • Embedded offerings including vulnerability assessment, full lifecycle risk management, and compliance management solutions
  • Value-added offerings such as PCI compliance scanning and network topology risk analysis
  • Onsite auditor tools for consultants performing security audits at the customer's site

Pricing is designed to include best practices such as continuous scanning and network discovery without added cost to providers seeking to offer the highest levels of service. NCircle MSSP partners may optionally participate in nCircle's nAble reseller program, enabling partners to sell nCircle solutions to customers that choose to have their systems deployed on-premise.

"The nCircle MSSP Program offers service providers the leading vulnerability and risk management solution used by many of the world's largest corporations and government agencies," said Abe Kleinfeld, CEO of nCircle. "The program is designed to offer MSSP partners maximum deployment and integration flexibility, true market differentiation and a full complement of options for delivering premium service offerings."

nCircle

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
For Cybersecurity to Be Proactive, Terrains Must Be Mapped
Craig Harber, Chief Technology Officer at Fidelis Cybersecurity,  10/8/2019
A Realistic Threat Model for the Masses
Lysa Myers, Security Researcher, ESET,  10/9/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-17593
PUBLISHED: 2019-10-14
JIZHICMS 1.5.1 allows admin.php/Admin/adminadd.html CSRF to add an administrator.
CVE-2019-17594
PUBLISHED: 2019-10-14
There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
CVE-2019-17595
PUBLISHED: 2019-10-14
There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
CVE-2019-14823
PUBLISHED: 2019-10-14
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to...
CVE-2019-17592
PUBLISHED: 2019-10-14
The csv-parse module before 4.4.6 for Node.js is vulnerable to Regular Expression Denial of Service. The __isInt() function contains a malformed regular expression that processes large crafted input very slowly. This is triggered when using the cast option.