Guardz Launches ITDR: To Stay Ahead of Evolving Identity Attacks

Identity is the new perimeter. And right now, attackers are walking straight through it.

More than 60% of cyberattacks in 2024 exploited compromised credentials and hijacked sessions, not malware or phishing attachments; just everyday users unknowingly turned into breach vectors. These identity-based threats are stealthy, fast-moving, and increasingly common.

The reality for today’s MSPs is this:

You can’t defend what you can’t see. And you can’t afford to miss what’s hiding in plain sight. Unlike traditional threats that set off endpoint alerts, identity-based attacks are subtle by design. Attackers log in using real credentials, hijack tokens, and blend in with user activity to evade detection, often resulting in advanced persistent threats.

Introducing Guardz Identity Threat Detection & Response (ITDR)

Today, we’re excited to launch Guardz ITDR, a core security control included in every Guardz plan. It’s purpose-built to reduce human risk and keep users secure across identities, endpoints, email, cloud, and data.

As part of the Ultimate plan, ITDR is reinforced by the Guardz 24/7 MDR Team, who monitor, triage, and respond to threats in real time. It uses a powerful blend of AI agents to find anomalies and enrich data while delivering around-the-clock SOC support to detect and contain threats before damage is done.

Under the hood, ITDR leverages a combination of cyber research, threat hunting, agentic AI, and behavioral analytics to identify suspicious activity and automate containment in real-time.

Here’s what sets Guardz ITDR apart:

Real-time behavioral detections

Spots threats like token theft, impossible travel, mailbox takeovers, and credential abuse using enriched log data and machine learning.

Agentic AI + human threat hunters

Our Guardz Research Unit (GRU) works hand-in-hand with AI agents to identify new attacker behaviors and translate them into detection logic.

Smarter triage, faster response

Guardz AI automatically triages findings and escalates only the real threats to our MDR team. SOC analysts validate incidents and take action while guiding MSPs through the right response, whether that’s suspending a user, isolating a device, or taking more nuanced next steps.

Detection and response are fast, contextual, and built for MSP workflows.

Designed to cut through the noise and take action faster

Too many security tools drown MSPs in alerts without context or clear action paths. Guardz ITDR is different.

It pulls identity and log data from your clients’ environments, analyzes it for behavioral anomalies, and surfaces only the most relevant risks, fully enriched with user context.

Because Guardz ITDR is embedded in the broader platform, MSPs get visibility not just into identity threats but also into how those risks intersect with other vectors of risk such as endpoints, email, data, web and training. The result is a more holistic, more actionable threat picture.

Built on the Guardz threat research engine

Guardz ITDR is backed by a structured pipeline that continuously evolves to meet emerging threats:

  1. Research
    Our GRU and AI agents uncover new identity-based techniques in the wild.
  2. Detection
    Abnormal patterns are turned into real-time detection rules and deployed across the Guardz platform.
  3. Response
    Incidents are triaged by AI, validated by human analysts, and delivered to MSPs with response guidance.

This tight feedback loop allows us to push high-quality detections fast, without waiting for legacy pipelines to catch up.

Already proving its value in the field.

ITDR has been rolling out gradually in beta and early adoption for several months now. The results speak for themselves:

  • Detection of multiple real-world identity attacks
  • Faster incident response across cloud environments
  • Fewer false positives and clearer prioritization
  • Better visibility into user risk and behavioral patterns

MSP feedback has been clear: they finally feel like they can stay ahead of identity-based threats, without adding more complexity to their stack.

Available now as part of the Guardz platform

The ITDR capability is now available to all customers on the Guardz platform. 


24/7 MDR support for ITDR incidents is included for Ultimate Plan customers.

Whether you manage five tenants or fifty, Guardz MDR, including SentinelOne and now ITDR, equips you with the tools to move faster than the attackers targeting your users.

About Guardz
Guardz is on a mission to create a safer digital world by empowering Managed Service Providers (MSPs). Their goal is to proactively secure and insure Small and Medium Enterprises (SMEs) against ever-evolving threats while simultaneously creating new revenue streams, all on one unified platform.

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

Scale Computing Platform Recognized in G2 Summer 2025 Report

A look at the accolades and customer feedback from the latest report.

Scale Computing is excited to announce its recognition in the G2 Summer 2025 Report, earning a total of 45 badges across two key categories: Server Virtualization and Hyperconverged Infrastructure (HCI). This achievement is based on authentic, real-world reviews from users who rely on the SC//Platform to manage their IT operations.

Server Virtualization

In the Server Virtualization category, the Scale Computing Platform received 20 badges, including the coveted **Leader** and **Momentum Leader** badges. The platform achieved the highest satisfaction score in this category, with an impressive 96% of users stating they would recommend the platform.

Hyperconverged Infrastructure (HCI)

Scale Computing was also named a **Leader** in the Hyperconverged Infrastructure category, earning an additional 25 badges. Highlights from this category include honors for **Best Support**, **Fastest Implementation**, and **Easiest to Use**. All reviewers in this category gave a 4- or 5-star rating, reflecting strong customer satisfaction.

Why Customers Choose SC//Platform

The positive feedback from users highlights several key benefits of the Scale Computing Platform. Customers appreciate the platform’s ability to simplify IT management, reduce costs compared to legacy solutions, and provide seamless migration options. The platform is also recognized for its operational efficiency and scalability, making it a powerful alternative for businesses moving away from traditional virtualization.

These G2 badges are a testament to the real-world experiences of SC//Platform users and a reflection of Scale Computing’s unwavering commitment to customer success.

About Scale Computing
Scale Computing is a leader in edge computing, virtualization, and hyperconverged solutions. Scale Computing HC3 software eliminates the need for traditional virtualization software, disaster recovery software, servers, and shared storage, replacing these with a fully integrated, highly available system for running applications. Using patented HyperCore™ technology, the HC3 self-healing platform automatically identifies, mitigates, and corrects infrastructure problems in real-time, enabling applications to achieve maximum uptime. When ease-of-use, high availability, and TCO matter, Scale Computing HC3 is the ideal infrastructure platform. Read what our customers have to say on Gartner Peer Insights, Spiceworks, TechValidate and TrustRadius.

How to find Roundcube Webmail on your network

Latest Roundcube Webmail vulnerability

A vulnerability has been disclosed in Roundcube Webmail stable versions from 1.5 prior to 1.5.10, and stable versions 1.6 prior to 1.6.11 that would allow a remote, authenticated attacker to perform remote code execution (RCE) due to deserialization of untrusted data. The _from parameter in a URL is not validated in program/actions/settings/upload.php, resulting in untrusted PHP Object Deserialization. This vulnerability has existed within the product for approximately 10 years.

This vulnerability has been designated CVE-2025-49113 and has a CVSS score of 9.9 (critical).

What is the impact?

Successful exploitation of this vulnerability would allow an attacker to execute arbitrary code on the vulnerable system, potentially leading to complete system compromise.

Are any updates or workarounds available?

Roundcube has released updates to mitigate this issue. Users are encouraged to update to the latest stable version as quickly as possible.

  • For Roundcube Webmail stable version 1.5, update to version 1.5.10 or later.
  • For Roundcube Webmail stable version 1.6, update to version 1.6.11 or later.
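As an added example (not code from runZero or Roundcube), the following script triages an inventory export against the fixed versions listed above. The hostnames and versions in the sample are constructed, and routing packaged or suffixed builds to manual review is an assumption about how you want to handle distribution packages that may backport fixes.

```python
import re

# Fixed release for each affected branch, as stated in the advisory text above.
FIXED = {(1, 5): (1, 5, 10), (1, 6): (1, 6, 11)}

_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)(?:\.(\d+))?(.*)$")


def parse_version(text):
    """Split a reported version into ((major, minor, patch), suffix), or None."""
    m = _VERSION_RE.match(text or "")
    if not m:
        return None
    major, minor, patch, suffix = m.groups()
    return (int(major), int(minor), int(patch or 0)), suffix.strip()


def classify(version_text):
    """Return (status, detail); status is 'update', 'ok' or 'review'."""
    parsed = parse_version(version_text)
    if parsed is None:
        return "review", "version not reported or unparseable"
    version, suffix = parsed
    fixed = FIXED.get(version[:2])
    if fixed is None:
        return "review", "branch not named in the advisory text"
    target = ".".join(str(n) for n in fixed)
    # Tuples compare numerically, so 1.5.9 < 1.5.10; a string compare gets this wrong.
    if version < fixed:
        if suffix:
            # Assumption: a packaged build may carry a backported fix, so check by hand.
            return "review", f"packaged build '{suffix}' may carry a backported fix"
        return "update", f"update to {target} or later"
    if version == fixed and suffix:
        return "review", f"'{suffix}' build of {target}: confirm it is the final release"
    return "ok", f"at or above {target}"


def triage(inventory):
    """Classify each (host, version) pair and sort the rows, most urgent first."""
    order = {"update": 0, "review": 1, "ok": 2}
    rows = [(host, ver, *classify(ver)) for host, ver in inventory]
    return sorted(rows, key=lambda r: (order[r[2]], r[0]))


# Constructed sample inventory (hostnames and versions are made up for the example).
SAMPLE = [
    ("mail-a.example.test", "1.5.9"),
    ("mail-b.example.test", "1.5.10"),
    ("mail-c.example.test", "1.6.10"),
    ("mail-d.example.test", "1.6.5+dfsg-1"),
    ("mail-e.example.test", "1.4.15"),
    ("mail-f.example.test", ""),
    ("mail-g.example.test", "1.6.11"),
]

if __name__ == "__main__":
    for host, ver, status, detail in triage(SAMPLE):
        print(f"{status:7} {host:22} {ver or '-':14} {detail}")
```

Versions outside the 1.5 and 1.6 branches are sent to review rather than marked safe, because the advisory text above only names those two branches while noting the flaw is roughly 10 years old.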

How do I find Roundcube Webmail installations with runZero?

From the Service Inventory, use the following query to locate potentially impacted assets:

_asset.protocol:http AND protocol:http AND ((has:html.title AND html.title:="RoundCube%") OR (has:favicon.ico.image.md5 AND (favicon.ico.image.md5:="924a68d347c80d0e502157e83812bb23" OR favicon.ico.image.md5:="f1ac749564d5ba793550ec6bdc472e7c" OR favicon.ico.image.md5:="ef9c0362bf20a086bb7c2e8ea346b9f0")))

About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.

Integrating ITIL and Cybersecurity Frameworks to Improve Security Governance

Introduction: 

A brief overview of ITIL and cybersecurity frameworks 

No matter how robust your defenses against cyber threats may be—whether in the form of firewalls, detection systems, or security teams—they’re meaningless without a coordinated, efficient system in place. 

This is where ITIL best practices play a crucial role in the field of cybersecurity. 

What is ITIL? 

ITIL is a set of practices and guidelines designed to optimize the management of IT services. For a deeper dive, explore our blog post What is ITIL (IT Infrastructure Library)?.

The Need to Integrate Cybersecurity into ITIL 

With IT infrastructures growing increasingly complex and cyber threats becoming more sophisticated, integrating cybersecurity frameworks with ITIL has become essential for ensuring solid security governance. This integration aligns security with IT operations, improving the capacity to respond to incidents and minimizing risks. 

At a practical level, ITIL provides an organizational structure for service management, while cybersecurity frameworks like NIST and ISO 27001 focus on proactively managing vulnerabilities. 

The Benefits of Security Governance through Framework Alignment 

Aligning ITIL with cybersecurity frameworks yields several key benefits: 

  • Better Risk Management: Integrating security controls into ITSM processes enables more effective risk management. 
  • Rapid Incident Response: Unified incident management processes guarantee a swift response to attacks. 
  • Increased Compliance: Ensuring compliance with security regulations and standards is easier when frameworks are integrated.  
  • Operational Efficiency: By reducing duplication and overlap in processes, this alignment enhances IT resource optimization, improving efficiency and productivity.

Understanding the ITIL Framework 

Key Concepts of ITIL and its Support for IT Service Management 

The ITIL framework offers organizations a structured approach to managing and optimizing IT services, while simultaneously reducing risks. It serves as a reference framework within which IT Service Management operates, focusing on organization, profitability, and productivity. 

At the core of these processes is the management of the service lifecycle, which includes five main phases: strategy, design, transition, operations, and continuous improvement. 

Tailoring ITIL to meet the specific goals of your organization is crucial. That’s why EasyVista offers an advanced solution for implementing ITIL processes that allows IT services to be aligned with your company’s unique needs, while at the same time integrating the best tools for security governance. With the EasyVista platform, companies can automate and manage ITIL processes, reducing risks and improving compliance. 

For more information on how EasyVista supports ITIL implementation, visit our dedicated page.

ITIL Processes Relevant to Security Management 

Several ITIL processes play a vital role in strengthening IT security: 

  • Incident Management: Helps identify and resolve security incidents quickly, reducing downtime.
  • Change Management: Manages changes to IT systems in a way that minimizes associated security risks.
  • Configuration Management: Ensures up-to-date IT asset inventories, preventing vulnerabilities from outdated configurations.

Exploring Cybersecurity Frameworks 

Overview of NIST and ISO Cybersecurity Frameworks  

Cybersecurity frameworks provide organizations with a structured approach to managing risks and protecting data.

The two most widely utilized cybersecurity frameworks are: 

  • NIST Cybersecurity Framework: Provides a structure for managing cybersecurity risks through five key functions: identify, protect, detect, respond, and recover. 
  • ISO/IEC 27001: An international standard that ensures a systematic approach to information security management, reducing data protection risks. 

Common Security Controls and Their Importance 

Both frameworks rely on common security controls, such as: 

  • Access Control: Ensures that only authorized users can access sensitive information. 
  • Security Event Monitoring: Detects and responds to incidents in real time. 
  • Audit Logs: Tracks and records all activities, enabling quick responses to security breaches while also creating a mechanism for continuous prevention and improvement. 

How Cybersecurity Frameworks Complement ITIL 

ITIL and cybersecurity frameworks work best when integrated. This synergy is critical for enhancing security and operational efficiency. 

Cybersecurity frameworks provide specific tools for risk management that align perfectly with ITIL processes. For example, NIST’s risk management controls can easily be integrated into ITIL’s change management practices, ensuring that all changes to IT systems are executed securely. 

Aligning Cybersecurity Policies with the ITIL Framework 

Integrating Security Controls into ITIL Processes 

By integrating security controls into ITIL processes, organizations ensure that every change made to the IT infrastructure is evaluated for both technical effectiveness and security impact. 

This reduces the risk of exposure to cybersecurity threats while maintaining operational continuity and regulatory compliance. 

Enhancing Incident Management and Risk Mitigation 

By integrating cybersecurity frameworks with ITIL’s incident management, organizations can enhance their response capabilities, mitigating risks quickly and protecting company data from escalating threats. More integration means more protection, faster actions, and enhanced security. 

Managing Security Risks through Change and Configuration Management 

Aligning ITIL with cybersecurity frameworks ensures that every change to the IT infrastructure undergoes a thorough risk assessment before implementation. 

Configuration management, on the other hand, guarantees that all IT resources are properly documented and monitored, protecting corporate data. These two steps are critical to maintaining security.

Challenges and Solutions 

Obstacles in Integrating ITIL and Cybersecurity Frameworks 

Some of the most common integration challenges include resistance to change, skill gaps within the organization, and the complexity of legacy systems—issues faced by nearly every organization undergoing digital transformation. 

Strategies to Overcome Implementation Challenges 

Here are three strategies to overcome the challenges of integrating ITIL with cybersecurity frameworks: 

  • Adopt a Gradual Approach: Implement the changes in phases to reduce overwhelm.
  • Continuously Train IT Teams: Keep your teams up to date on best practices in both cybersecurity and ITIL.
  • Automate Processes: Reduce human involvement in repetitive tasks to boost productivity and employee satisfaction.

Continuous Improvement in Security Governance 

What is the ultimate and most important goal of integrating ITIL with cybersecurity frameworks?  

Continuous improvement.  

This approach helps organizations continually review and update security policies in response to new threats, learning from past experiences to strengthen future defenses.

Conclusion: Automation and the Future of Security Governance in ITSM 

Automating Security and ITSM Processes 

Automation is the clear path forward for security and IT service management, offering wide-ranging advantages. However, it’s also crucial to adopt a holistic approach to IT architecture for true digital maturity. 

How can this goal be achieved? 

By leveraging platforms like EV Service Manager, which drive digital transformation while enhancing security governance. The benefits include lower costs, increased productivity, adaptability to existing systems within the company, and—most importantly—improvements in all aspects of security governance. 

For more details, see the relevant information here. 

Key trends shaping the future include the increased use of automation, machine learning, and artificial intelligence.

As these technologies continue to evolve, expect deeper integration between cybersecurity and ITSM, with a stronger emphasis on AI-driven tools to anticipate and neutralize threats before they escalate. 

 

About EasyVista  
EasyVista is a leading IT software provider delivering comprehensive IT solutions, including service management, remote support, IT monitoring, and self-healing technologies. We empower companies to embrace a customer-focused, proactive, and predictive approach to IT service, support, and operations. EasyVista is dedicated to understanding and exceeding customer expectations, ensuring seamless and superior IT experiences. Today, EasyVista supports over 3,000 companies worldwide in accelerating digital transformation, enhancing employee productivity, reducing operating costs, and boosting satisfaction for both employees and customers across various industries, including financial services, healthcare, education, and manufacturing.
