AI-Native Approaches to AI-Era Managed Services
A growing crop of startups is reimagining rather than merely automating MSP workflows. Plus: vibe flowing from Rewst, “big stuff” from Huntress and Microsoft, and Barracuda’s latest platform plays.
Spoiler alert: I’ve got a post coming soon about what a typical MSP’s workforce will look like a few short years from now when agentic AI has progressed from frontier technology to new normal. Providers leveraging agents to their fullest will need a lot fewer people in familiar roles (like L1 technician and service dispatcher) and a lot more in roles that don’t yet exist (like the “agent bosses” Microsoft sees coming).
They’re also going to need a whole new set of AI-native tools designed to reimagine business processes rather than merely automate them. Today’s solutions aim to do what MSPs always have more efficiently. Tomorrow’s will enable them to think, move, and grow in ways just now coming into view.
I’m running into more and more vendors trying to build such solutions these days, including Cyft. An AI startup with $5 million of funding from venture capital firm Base10 Partners and other investors at its disposal, the company plans to launch an automated, AI-powered documentation tool called Sam in October. The name is short for “service activity memory,” but apparently Samantha as well.
“Her purpose is to make the path of least resistance for the technician the same as the path of absolute accuracy for the business,” says co-founder and CEO James Farrow (pictured) of the system.
It’ll do that by listening in on help desk calls, capturing absolutely everything it hears, and using that information to update tickets, produce documentation, and draft client-ready resolution reports. Later, the same AI that made all that possible will feed relevant details from past issues to technicians dealing with new ones.
“Sam will just surface the context you need for exactly what you’re working on,” Farrow says.
All very helpful, but things start getting more interesting next spring when Cyft’s second product, called Sage, starts automatically turning the masses of data collected by Sam into business intelligence.
“Imagine that a VP of sales is on every single customer interaction listening for upsell opportunities,” Farrow says, along with a CFO listening for billing problems, a customer success manager listening for CSAT signals, and a competitive analyst listening for references to other MSPs.
“An MSP owner will get an alert that says something like, ‘hey, this customer has a 73% chance of churn,’” Farrow explains. “They mentioned a competitor four times. They started asking about their billing more frequently over the last 90 days. You missed these two SLAs over the last 90 days.”
The picture starts becoming agentic moreover at a point still TBD when Simon, the third solution on Cyft’s roadmap, arrives to turn responses proposed by Sage into automated actions. Take that high-risk churn candidate, for example. Sage might advise an MSP to upgrade their service package or offer them a 20% discount.
“When they click one of those options, Simon’s able to execute a very complex set of steps on behalf of the MSP to take that action,” Farrow says.
Importantly, he continues, Cyft will realize its vision without displacing anyone’s current tool stack. When it ships this fall, Sam will integrate with IT Glue, Hudu, and another, as yet unnamed documentation system as well as leading PSA and RMM systems from ConnectWise, Halo, Kaseya, and NinjaOne. The goal, according to Farrow, is to weave those systems together in a way that lets machines handle daily blocking and tackling so MSPs can “focus on the human components that make them special.” Today, for example, technicians call end users to fix problems.
“How amazing is it if a technician or an account manager can call and actually ask about their strategic roadmap because they’re not putting out fires all day long?” Farrow asks. “That’s the future that we see.”
Devicie aims to automate Intune
Devicie is pursuing a similar future for device management. Spun out of an Australian MSP in 2019, the company makes software designed to help MSPs benefit from using Microsoft’s Intune platform without putting in the effort that normally requires.
“We’re not trying to be a tool,” says Colin Britton (pictured), Devicie’s COO. “What we’ve always been looking to do is provide an automation layer and a more holistic approach to managing Intune.”
The system either implements policies you’ve defined automatically or suggests pre-validated policies for you. Then it reports on compliance with those policies and auto-remediates deviations. Additional app management functionality augments Intune’s relatively limited testing, patching, and deployment features for third-party and custom software.
The result, according to Britton, is a system that does for MDM what MDR does for EDR. “We’re like your MDR for Intune,” he says, only in-house and fully automated.
The target market is both smaller MSPs with limited bandwidth and larger ones with massive responsibilities. “If you’re an MSP with tons of technicians or upwards of a hundred tenants, there’s no way you know what’s going on in all of your Azure instances all the time,” Britton observes. “You need a management platform to really help do that.”
Insight Partners, the private equity firm with stakes in Kaseya, SentinelOne, and Veeam, among others, invested $14 million in Devicie three years ago and an unspecified additional sum this April. The company’s using that money to build out a U.S. go-to-market team in the near term and develop Cyft-like autonomous management capabilities in the longer term.
“Most people’s automation at this point, and ours included, is about doing repetitive tasks in a reliable and consistent manner,” Britton says. In the future, by contrast, Devicie will proactively inform technicians that it’s found previously unknown apps and offer to support them.
“The technician can say, ‘yes, put them under management,’” Britton says.
Distributed by TD SYNNEX already, the system will soon be available on the Pax8 marketplace as well.
Rewst adds vibe flowing
Turns out Cyft and Devicie have more in common than a desire to ease MSPs into the agentic future. Both consider RPA vendor Rewst an important partner too.
Cyft’s debut product will point technicians to relevant Rewst automations in real time during customer calls. Devicie, meanwhile, is using Rewst’s platform as a kind of ersatz API for connecting its software to PSA solutions.
“Why would we bother going and writing integrations with all the PSA tools when we can pick up Rewst and work with them to do all of those integrations?” asks Britton.
It’s striking, in fact, how often Rewst comes up without any prompting on my part in conversations with both vendors and MSPs. I expect it to happen even more often going forward based on some of what the company announced at its recent FLOW user conference.
I’m thinking in particular of the natural language prompting Rewst has added to its RoboRewsty AI copilot. In principle, Rewst has been empowering RPA newcomers to create workflows for years. In reality, building automations often took specialized skills even with RoboRewsty’s help.
“We had to pull in our development team to help us start to understand it,” recalls Joshua Skeens, CEO of managed services heavyweight Logically, of the company’s first experience with Rewst. Adding genAI prompting to the system eliminated that issue.
“You can just type, ‘I want to auto-dispatch tickets and this is what I want it to look like,’” Skeens says. “It will help build those workflows for you without having to have a true programmer on staff do it.”
Sounds to me like the RPA equivalent of vibe coding. Vibe flowing?
“You can take someone who’s never used Rewst before and they can use the RoboRewsty interface to ask it to build a workflow,” says Aharon Chernin (pictured), the company’s CEO. The result is an expanded addressable market that newly includes MSPs without RPA know-how (not to mention all their clients).
“It opens up the doors to eighty to ninety percent of the market,” Chernin says. “The only marker now of who is a good Rewst user and who is not is do they get tickets.”
Like Cyft and Devicie, it’s worth noting, Rewst is both leveraging generative AI now and building toward agentic AI in the future. Rewst’s embrace last month of MCP, the agent-friendly protocol everyone from Microsoft and Google to (just in the last week) Keeper Security and Bitwarden uses to ease integration between AI and data sources. It’ll take a while to get there, according to Chernin, but someday Rewst’s new MCP server will make natural language prompting a bygone relic of an earlier time.
“The most mature, intelligent platform will use AI to identify what to automate and then automatically build the automation and automatically turn it on without you ever knowing,” he says. “No product does this today, including Rewst, but it’s something we can shoot towards as an automation industry.”
Huntress has “big stuff” coming with Microsoft
Channelholic regulars may recall my launch coverage of Syncro’s XMM offering. They may recall as well that the Microsoft 365 management piece of that RMM/PSA/M365 management solution is derived entirely from Microsoft software and that future additions to the system will use Microsoft services as well, primarily due to Syncro CEO Michael George’s ironclad conviction that the ultimate victor in any SMB software market Microsoft competes in—very much including security—will be Microsoft.
“I think you should assume that we are making a big bet on Microsoft being the dominant platform and provider in this space,” he told us back in May.
So too, it turns out, is Huntress. Not that you’d know it based on the relatively muted press release the security vendor published last week about a new agreement with Microsoft to get SMBs paying for unused Microsoft Defender solutions via a Microsoft 365 subscription signed up for managed security from Huntress, which supports Microsoft Defender for Endpoint, Defender for Business, and Defender Antivirus. Huntress has brought some 225,000 previously unprotected endpoints under management that way this year alone, and believes there are close to a million others out there among its existing customers alone.
“I just hate to see people wasting budget,” says CEO Kyle Hanslovan (pictured). “It’s just freaking crazy that they’re paying for products that they’re not leveraging.”
Don’t be fooled though, Hanslovan continues. Closing that gap may be the starting point for his newly deepened relationship with Microsoft but it’s not where the two companies are ultimately headed.
“We’re being a little bit cagey in regards to how much we share today,” Hanslovan says.
“There’s some big stuff, but Microsoft’s just not ready to talk about that stuff yet.”
Big stuff? How big? Hanslovan, it was clear during our conversation, would sooooooo like to answer that question but can’t without angering a hugely strategic partner. He can and did drop a few hints, however:
1. It involves closer integrations with Microsoft than most security vendors have, which Huntress will use to provide better protection than most security vendors can.
“There’s some pretty deep collaboration giving us access to data very fast,” Hanslovan suggests. “We’re starting to actually open up new APIs.” The result, he adds, will be a distinct edge over less privileged competitors.
2. Huntress’s current all-AWS infrastructure can’t support those new integrations, so the company will port its entire backend tech stack over to Microsoft Azure.
“It’s probably going to take me a full year to do this migration, but the upsides of being on Azure are substantial,” Hanslovan says.
3. Those upsides could include what sound like new and perhaps jointly delivered products of some sort. “The next part is to collaborate and build technology together,” Hanslovan says. “That’s where we think this one plus one equaling way more than two is really going to play out.”
And no, Hanslovan emphasizes to those who may be wondering, Microsoft won’t be buying Huntress or investing in it like it did with Veeam earlier this year. “There’s no M&A, nothing crazy like that,” he says. Nor will the agreement result in Huntress being Microsoft’s one and only go-to in any security categories going forward.
“I don’t think Microsoft does exclusives,” Hanslovan says.
Nor does Huntress. “We’re never going to be a Microsoft-only shop,” Hanslovan states. Yet the deal makes sense for everyone involved just the same starting with Huntress itself, Hanslovan insists. Hackers, he notes, have three targets in their sights these days: endpoints, cloud identities, and AI.
“Microsoft has the dominant market share with the Windows operating system, they have the dominant market share with Microsoft 365 for the identity systems, and they have the largest investment in OpenAI, which is the largest, most established AI system,” Hanslovan says. “You’d be crazy not to service the biggest, most vulnerable, and highly targeted markets.”
Huntress’s MSP partners will benefit too every time a client exchanges a security solution they’re paying for with a Defender equivalent included in their Microsoft 365 license.
“If I can get better [Defender] adoption, well, now I’m freeing up budget, and now I can help my partners actually make a difference, make more money, maybe invest in technology,” Hanslovan says.
Microsoft, finally, will come out ahead as well by forging stickier relationships among M365 users. “Microsoft is realizing that if people are fully using their stack they might not churn off that revenue,” says Hanslovan.
Time will tell if everything plays out as he hopes and exactly what the two companies have in store. Whatever it is, though, has more than a handshake behind it.
“I wouldn’t move from Amazon Web Services to Azure if this was theoretical,” Hanslovan says. “It’s a locked-up contract, a done deal.”
Hanslovan in his own words
We didn’t talk about Microsoft, but Hanslovan was on MSP Chat, the podcast I co-host, just a few months ago. That episode is available here. Others featuring equally prominent industry luminaries can be found here.
Barracuda’s latest platform plays
We talk fairly regularly here about the power and appeal of platforms, especially in security. One of the many things I couldn’t talk about during my recent absence was that Barracuda has now joined everyone from Acronis and SonicWall to Trend Micro and WatchGuard in having a platform.
Called BarracudaONE, it looks newer than it really is, according to Brian Downey, Barracuda’s vice president of product management. “We’ve had a platform forever, even if at times we haven’t come out and said it,” he notes. Now that platform has a name, plus single sign-on and a shared portal that an increasing share of Barracuda partners have access to at no extra cost.
More recently, it has two new member solutions as well. The first, introduced late last month, takes aim at the scary fact that there were more than 40,000 new CVEs published in 2024, per Cisco’s Talos intelligence unit, and another 131 on average have been showing up every day this year. Keeping up with that onslaught takes time and expertise many MSPs lack and others have better uses for.
Hence the logic of outsourcing the job to something like Barracuda’s new Managed Vulnerability Security solution. According to Greg Saenz (pictured), Barracuda’s vice president of channels for the Americas, the new offering gives smaller MSPs an easier way to add an important service than investing in new tools and people.
“You can provide more value to your customers faster by partnering with somebody like Barracuda,” he says.
MSPs with the skills and resources to do vulnerability management stand to benefit as well, he continues. “Even if you have a developed practice, we can make that practice more cost-effective.”
MSPs of all sizes and sophistication levels are likely to get project work out of the service too, Saenz notes. “The readout from it and what comes back is a lot of recommendations that need to be actioned,” he says.
The other, more recent, addition to BarracudaONE takes aim at another scary fact: Microsoft retains the mission-critical data in Entra ID directories for a grand total of 30 days. That’s kind of a narrow window, especially for businesses in regulated industries that are required to retain the data for varying amounts of time that can all safely be characterized as longer than 30 days.
Barracuda’s new Entra ID Backup Premium subscription lets businesses meet such requirements for a couple of bucks per user per month. The service supplements an earlier edition that protected users, groups, roles, and other basics with coverage of audit logs, BitLocker keys, Intune policies, and more.
Saenz, without providing specifics, says there are more solutions coming to BarracudaONE in the future, through a combination of internal development and third-party alliances. And maybe acquisitions as well, to round out the “build, buy, and partner” trio?
“They’re all open,” Saenz says.
Also worth noting
Cyber insurer Cowbell, in partnership with security service provider Accorian, has rolled out a compliance-as-a-service offering.
Appgate has a new solution for tracking app access and restricting it.
AppOmni, meanwhile, has received FedRAMP Moderate Authority to operate.
Intermedia’s contact center platform now has an AI tool for supervisors offering live customer sentiment analysis, key topic detection, instant transcripts, and more.