Channel Brief: Compliance Scorecard Pledges ‘Secure by Design,’ 4me Rebrands to Xurrent

It seems like there's recognition for all kinds of 'cyber holidays' lately (it's Insider Threat Awareness Month, and Cybersecurity Awareness Month is coming up in October) and this week, September 9 through 13, Xage Security is declaring it Privilege Escalation Week to highlight the importance of protecting privileged access and raise awareness about the risks associated with these attacks.

Privilege escalation is one of the most common and dangerous tactics used by threat actors, and recent incidents, such as the Microsoft Exchange Server hack and the SolarWinds supply chain attack, underscore the devastating consequences of compromised privileged access. Ultimately, both the attacks resulted in widespread disruption and significant financial losses.

Privileged access management (PAM) is an essential tool for mitigating privilege escalation risks. By implementing robust PAM solutions, organizations can reduce the attack surface, enhance visibility, enforce least privilege access and implement strong authentication. These measures ensure that only authorized individuals have access to privileged accounts and that their activities are closely monitored and audited, Xage says. If nothing else, it's a good time to double-check your access policies and make sure you're not vulnerable.

As always, drop me a line at [email protected] if you have news to share or want to say hi!

Grab your coffee. Here's what else you need to know today.

Today’s Tech, Channel and MSP News

1. 4me rebrands to Xurrent: MSP and IT services management (ITSM) platform 4me has rebranded and is now Xurrent, the company said in a statement. Xurrent is a low-code, AI-enabled service delivery and collaboration platform for MSPs, MSSPs and IT services professionals.

2. Governance-as-a-service solutions provider Compliance Scorecard signs CISA pledge: Compliance Scorecard, a governance-as-a-service (GaaS) solutions provider, has signed on to the Cybersecurity and Infrastructure Security Agency (CISA) Secure By Design Pledge, the company said in a statement. Signing the pledge underlines the company's commitment to safeguard the digital landscape for MSPs and SMBs. CISA’s Secure by Design pledge is a voluntary pledge that commits technology manufacturers to seven distinct goals, each of which is designed to increase the safety and security of software solutions before they reach the market.

3. iGrafx partners with Cornerstones on digital transformation and ERP: iGrafx is partnering with digital transformation and ERP solutions consultancy Cornerstones to bring modern business process management capabilities to customers, the companies said. The partnership with iGrafx will allow Cornerstones to offer its clients advanced BPM solutions, and iGrafx’s scalable and innovative tools will support Cornerstones in delivering comprehensive BPM solutions that enhance ERP implementations and ongoing process optimization, the companies said.

4. Secureframe launches free compliance gap assessment tool: Compliance automation company Secureframe is launching a free Gap Assessment tool to help service partners, including MSPs, MSSPs, vCISOs and IT security consultants, identify gaps in security posture or compliance status, offering clear insights into improvement areas, the company said. The Gap Assessment tool is an enhancement to Secureframe's comprehensive Service Partner Program that offers compliance automation tools, resources and global support. Launched in June 2024, the program already has 200 partners from 25 countries around the globe.

5. Mattermost appoints new SVP of engineering: Mattermost today announced the appointment of Pavel Zeman as senior vice president of engineering. Zeman brings more than 20 years of experience to the team, with a distinguished background in security, critical infrastructure, mobile security and large-scale engineering leadership. His appointment is expected to drive engineering innovation and accelerate technical collaboration with Azure, Microsoft Teams and Microsoft 365 platforms, the company said.