New dangers attract new solutions and solution categories in security all the time. The threat posed by out-of-control machine identities, for example, is attracting attention from vendors of various kinds even before agentic AI blows the issue beyond all current proportions.

But in the world of SMB security at least, the motivation behind many new solutions, regardless of the risk they’re meant to mitigate, is a desire to create simpler, multi-tenant, affordable versions of solutions normally available only to corporate IT. That’s certainly what led Jon Murchison and Kyle Hanslovan to help found Blackpoint Cyber and Huntress, respectively, after working at the NSA. It’s also what led David Primor, former director of the Israeli government’s cyber authority, to co-found Cynomi, the vCISO platform we’ve discussed here before that announced a $37 million Series B funding round last week.

And it’s the inspiration behind attack surface management vendor Cavelo’s campaign to do for SMBs and MSPs what Qualys, Tenable, and Varonis do for big business IT departments.

“Those are the big guys out there,” observes Larry Meador, who became the company’s first-ever channel chief in January. “They’re the enterprise players, but they also have enterprise price tags. So we’re giving that level of quality at an MSP-friendly price point.”

Cavelo’s approach to realizing that goal begins with asset discovery, data discovery, and identity access management capabilities designed to help MSPs inventory all the devices, SaaS apps, cloud instances, and sensitive information on a customer’s network and see who can view or edit it. Additional functionality then helps them find and prioritize vulnerabilities in that landscape. The prioritization component is key, notes CEO James Mignacca (pictured), a former MSP, given just how many issues Cavelo’s software typically identifies.

“There’s too much risk out there,” he says. “You have to look at it in a multidimensional view in your organization to really break down where should I be spending all my time remediating and lowering that risk vector to try to prevent a data breach.”

That most businesses have trouble simply mapping their attack surface in the era of hybrid work, cloud-based everything, and IoT just makes that need more pressing. “They don’t know what devices are on the network, they don’t know where the sensitive data is, where they are at risk,” Meador observes. “How do you protect what you can’t see?”

Large organizations have been asking that question for years, but MSPs (as Liongard will no doubt attest as well) are asking it more frequently now too. Meador’s assignment in his new role is making sure more of them know there is an answer aimed specifically at them.

“This is, as I call it, the brand building year,” he says. “We may not be as popular as a Kaseya or a ConnectWise, but I think by the end of this year a whole lot more people are going to know not only who Cavelo is but what Cavelo does.”

Certificate tsunami

Cavelo helps MSPs manage attack surface. How big a stretch is it for me to say that MSP Chat, the podcast I co-host, helps MSPs expand their insight surface?

OK, big stretch, but you will learn a lot by listening to the audio edition or watching it on YouTube. This week’s episode features Mark Bloom of Sectigo, who you met here a few weeks ago, discussing the certificate tsunami that’s about to turn TLS certificate management from a nice source of extra MSP income to a monumental end user need.