Recently, Malwarebytes launched an integration of its ThreatDown Nebula and OneView platforms with Google Chronicle SIEM to offer MSPs and MSSPs a more seamless and powerful way to enhance their threat intelligence capabilities.
Malwarebytes and Google: A new security pairing
Nebula is a solution for monitoring and protecting devices against threats and OneView is a security management platform that streamlines management of endpoint security, licensing subscriptions, role-based access, customer reporting, and add-on modules. By combining the two with Google Chronicle SIEM, IT teams will be able to perform advanced filtering with precise search parameters, streamline data import, and gain deeper insights into suspicious activities with Google Chronicle’s Unified Data Model.
“I’m thrilled to share how ThreatDown’s integration with Google Chronicle SIEM is set to transform both MSPs and businesses alike,” said Brian Kane, Senior Director, Global Channel and Alliances, ThreatDown. “For MSPs, it offers the ability to deliver faster threat detection and improved incident response, elevating their security services to new heights without adding complexity.”
Once the integration is fully configured with threat intelligence capabilities, Nebula and OneView will start exporting logs directly into Google Chronicle SIEM, enabling users to access comprehensive data on suspicious activities and other detection events. Additionally, users will be able to use the advanced capabilities within Google Chronicle SIEM to search and analyze data.
The integration of Google Chronicle SIEM extends Nebula and OneView’s detection data retention beyond their native limitations and offers IT teams long-term storage and analysis, giving them greater control to act on critical alerts.
“For businesses, this means enhanced visibility and streamlined security operations that scale with their growth, Kane said. “This integration is a win for the entire channel, empowering everyone to stay ahead of emerging threats and deliver enterprise-grade protection efficiently.”
ThreatDown State of Ransomware
This new integration comes on the heels of Malwarebytes releasing its 2024 ThreatDown State of Ransomware report, a playbook designed to help service providers curb ransomware attacks.
The report highlights a surge in malicious activity across both the US and UK, with 63 percent and 67 percent increases in malicious activities, respectively. Malwarebytes’ report also indicated that there are significant shifts in the tactics and strategies employed by cybercriminals that underscore the necessity for organizations to implement around-the-clock monitoring and to thoroughly investigate suspicious behaviors.
“Ransomware gangs have time and motivation on their side. They constantly evolve to respond to the latest technologies chasing at their tails,” Marcin Kleczynski, Founder and CEO, Malwarebytes said in a press release. “We’ve seen this very distinctly over the past year as widespread adoption of technologies like EDR has helped identify attackers before they launch malware, pushing ransomware gangs to work more quickly and put more effort into hiding themselves. Organizations and MSPs need additional support and continuous coverage to outmaneuver today’s criminals.”
Other key findings in the report include:
- The US accounts for 48 percent of all ransomware attacks worldwide, but suffer 60 percent of the world’s attacks on education and 71 percent of attacks on healthcare
- Manufacturing saw a 71 percent year-on-year increase in ransomware attacks
- Most ransomware attacks occur between 1:00 a.m. and 5:00 a.m.
- The entire ransomware attack chain has reduced from weeks to hours
Having the best channel partners is key to service providers’ success. Discover what other channel partner programs stand out in today’s IT landscape.