Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A lot has landed in the platform this month. Below is everything that’s new, what’s improved, and what’s been fixed in April’s ThreatSpike product update.

Another SaaS integration for the books! Incidents can now be automatically generated in the portal from email addresses in ProofPoint alerts. These are then linked to portal users, as well as any devices those users are logged in to.

ThreatSpike can now autofill your email, password, and even MFA using credentials stored in your Vault. The popup UI allows you to easily select between multiple credentials. Coming soon: Expanding the website support for autofill Automatically importing logins to the ThreatSpike Vault upon login.

ThreatSpike can now use JumpCloud’s Directory Insights API to pull in Login Events, which are automatically analyzed. If suspicious activity is identified, a SaaS Unusual Login incident will be raised – with our 24/7 SOC team on standby to confirm, investigate, and remediate the issue.

You can now easily request a pen test from within the ThreatSpike Portal, following a simple guided questionnaire custom to each pen test type. Whether it’s a Red Team, Web App, or even a Physical – you can request it here!

Phishing continues to be the most common way attackers gain initial access. If you want to prevent phishing in your organisation, it starts with understanding how these campaigns suceed and why they continue to bypass traditional controls. Drawing on insights from our recent webinar Red Team Insights: What We’ve Learned from Breaching the Best, this article explores the tactics attackers rely on and the steps security teams can take to strengthen their defences.

Last October marked a turning point for ThreatSpike. Not only did we start the conversations around our Series A funding round. But also the mission expanded, not just to protect companies from cyber threats, but to give any business, of any size, access to IT and security at a standard most people assumed was only possible for global corporations.

Most businesses do not set out wanting to change MSPs. They make the choice once, sign the contract, and hope they never have to think about it again. The whole point is to make IT easier, to have someone else deal with the problems so the business can get on with its job.

The high profile MGM Resorts hack by ransomware group ALPHV/BlackCat has served as a wake up call to the hospitality industry, demonstrating that the industry is a lucrative target for cybercriminals. The hack was hugely impactful to MGM making for sensational headlines in mainstream media, however what struck security experts were the social engineering methods used by the threat actors and how effective they were in bypassing security controls and technologies.

In a recent social-engineering attack targeting the hospitality sector observed by the ThreatSpike team, there appears to be a change in the tactics employed by the threat actor. The hospitality sector, where top-notch customer-service is expected, customer-facing employees are often lucrative targets for phishing, as detailed in our previous blog post.