Death to Seams
Kaseya, Syncro, and Blackpoint Cyber have declared war on the seams between “seamlessly integrated” solutions. Is multi-function software with one interface and very few integrations what MSPs want?
Because one conference is never enough for a true channelholic, I attended two last week, Kaseya Connect in Las Vegas and the RSAC Conference in San Francisco. Predictably, I returned home with way more material than I could fit in a single post. So consider this one a down payment. I’ll have more from the Kaseya conference coming soon in a bonus post and then my RSAC coverage on Friday.
Generally speaking, journalists should avoid speaking on behalf of the people they’re interviewing. Yet that’s exactly what I did recently while interviewing Syncro CEO Michael George about a then-forthcoming solution.
The solution in question, called Syncro XMM, fuses what would otherwise be three distinct functions—RMM, PSA, and Microsoft 365 management—into a single, fully unified system free of the context switching, security gaps, and other issues produced by the inevitable seams between “seamlessly integrated” products, including seamlessly integrated products from the same vendor. MSPs, according to George, won’t put up with that overhead anymore once Syncro XMM and solutions like it give them an alternative.
“We are the first of a wave, I believe, that will be offering XMM,” he says. “We think it’ll be a whole new category of product.”
The implications, if he’s right, are more radical than you might think. For over two decades now, vendors who serve MSPs have agreed on the virtues of three things: motherhood, apple pie, and cross-product integrations. According to George, however, it’ll soon be just motherhood and apple pie.
Forgive me for putting words in your mouth, I told him, but it sure sounds like you’re predicting that managed services software makers are on the verge of leaving integrations and APIs behind after many years of devotion to them in favor of software that gives MSPs everything they need in one application with one interface.
“You just put words in my mouth beautifully,” George (pictured) replied. “We’re in the business of helping you eliminate the need for multiple solutions and integrations because we’re providing it all on a single platform.”
Or within a single product, really. You’ve read plenty before about platforms in Channelholic if you’re a regular, including how they feed into a widely held desire among MSPs to work with fewer vendors. Fewer vendors, however, doesn’t necessarily mean fewer tools, and it’s tool sprawl more than vendor sprawl that’s sapping productivity, effectiveness, and technician morale, according to Mike Estep, chief client officer at security vendor Blackpoint Cyber.
“Right now, every tool does 80% of what I want and I need 30 tools for the last 20%,” he says. MSPs want to consolidate tools at least as much as vendors as a result.
That’s exactly what CompassOne, the unified security posture and response solution Blackpoint introduced last Monday, is designed to do. The same goes for Syncro XMM and Kaseya’s brand-new Kaseya 365 Ops, both of which debuted Tuesday. As I sometimes joke, one instance of something is a fluke, two is a coincidence, and three is a trend. Judging by the fact that three vendors all introduced solutions with similar tool-consolidating objectives in a roughly 24-hour span suggests we’ve got ourselves a trend here.
Vendors, it appears, are increasingly betting that MSPs will reward them for building solutions with multiple functions, one interface, and very few integrations.
Kaseya takes on every MSP’s number one expense: labor
Let’s dive into Kaseya 365 Ops first, because its launch last week during the Kaseya Connect conference in Las Vegas was arguably the splashiest of the three.
The new system is the latest member of a growing Kaseya 365 family that also includes Kaseya 365 Endpoint for endpoint management and Kaseya 365 User for end user security. Ops combines PSA, documentation, billing, accounts receivable, quoting, and other tools that operations professionals rely on, and like its predecessors, is disruptively priced. Partners who buy all those components separately pay about $400 per employee per month, according to Kaseya. Those who buy them in Ops instead will pay $129, and just $119 under promotional pricing.
According to recently named chief product officer Jim Lippie (pictured), though, the money users save on licensing isn’t where Ops really makes its mark. “Ultimately, it’s all about saving time,” he says. “When you save time, you save labor costs and that’s the number one cost of every MSP.”
Indeed, you just knew a K365 SKU aimed at cutting labor costs would arrive eventually, because there was no way Kaseya could reach its oft stated goal of closing the gap between the 10% margins MSPs typically make and the 35% margins that doctors and lawyers typically make without addressing the high price of labor. According to Kaseya, early Ops adopters are saving 160 hours a month on average. “So now they can add more customers without adding more people,” Lippie observes.
Kaseya gives much of the credit for those time savings to the 50 added AI-powered workflow automations included with the new solution. But a help desk demo performed onstage by Nadir Merchant, CTO and general manager of Kaseya’s IT operations suite,
highlighted another contributing factor: Kaseya 365 Ops doesn’t so much integrate separate tools as blend them into one big thing.
“That’s an example of an end-to-end ticketing experience using three different tools where the technician never had to log into a new solution, navigate to a new tab, or search for what they were looking for,” said Merchant (pictured above) of the simulated support he’d just delivered. One solution, faster resolution, less overhead.
Syncro bets it all on Microsoft
True Channelholic stans knew Syncro had a big IT and security management product coming well before last week. George told me as much last August. Devoted readers have known approximately when that solution would arrive since January, moreover, and that it would emphasize left-of-boom threat prevention more than right-of-boom detection and response.
“The economics associated with really great prevention are a fraction of what it costs if there’s an incident,” George says.
What we didn’t know until a few days ago was precisely how the new solution would do that, and the answer turns out to be interesting for reasons that go beyond the system’s fusion of functions. All of Syncro XMM’s Microsoft 365 management functionality, it turns out, comes straight from Microsoft itself.
“Microsoft is by far the world’s largest and most successful cybersecurity company,” George says. Syncro’s value-add is making Microsoft’s cybersecurity tools consumable by MSPs.
“These assets were built for the large enterprise,” George says. “They don’t have multi-tenant management, etc. They don’t have an RMM integrated.” Syncro XMM is designed to close those gaps.
It will do the same for additional Microsoft security tools in the future as well, according to George. “We will be providing a more comprehensive solution in and around the security category a little later this year,” he says.
There’s third-party backup coming to XMM down the road too. George won’t confirm which third party just yet, but it’s pretty clear where he intends to get all of the Syncro XMM functionality not built by Syncro itself going forward.
“I think you should assume that we are making a big bet on Microsoft being the dominant platform and provider in this space,” he says.
A quick note about Syncro’s launch calendar
Think it’s a coincidence that Syncro XMM debuted on the exact same day as Kaseya 365 Ops? Think again. Syncro had a booth on the Kaseya Connect show floor where it performed live XMM demos to apparently sizeable audiences all week.
So perhaps no one should be surprised when Syncro plans to ship its first XMM update. “June 3rd is [ConnectWise] IT Nation Secure, so you can imagine we’ll probably have some news around that that’ll be very exciting,” George says. Another major update will arrive in September during Informa’s MSP Summit event in Orlando, followed by another one still during ConnectWise’s IT Nation Connect show in November.
“It’ll be a fun year,” George says.
Blackpoint Cyber targets MSPs that have outgrown the security “easy button”
Like Kaseya and Syncro, Blackpoint Cyber believes MSPs are generally better off with fewer tools from fewer vendors. Unlike those two companies, however, Blackpoint believes MSPs aren’t better off getting their security software from the same place they get their RMM and PSA software.
Or some aren’t, anyway. “In the days when you have less than 10 employees, there’s definitely an easy button needed,” Estep (pictured) says. “But as you grow into more mature MSPs and more mature IT service providers, you’re looking for best of breed in each respective market.”
Including security, he continues, adding that you’re unlikely to get best of breed security from makers of end-to-end platforms. “The challenge that any of the RMM/PSA platforms have is when you’re trying to go all the way from RMM to document management to security to security awareness training to quoting, it’s hard to build something that’s best of breed.”
CompassOne is Blackpoint’s middle way answer to the need for tool consolidation on the one hand and best of breed on the other. The system unifies MDR, SIEM, vulnerability management, application control, asset inventory, and other functions in a single package without straying into markets outside Blackpoint’s zone of expertise.
“We’re not trying to be a document management platform. We’re not trying to be a quoting platform,” Estep says. CompassOne is all about security.
Or rather security and compliance, mostly because the boundaries between those fields are growing increasingly blurry.
“People before were either very compliance driven or very security driven, but it was a very small client subset that was both,” Estep says. “Now today because of cyber insurance, because of government regulation, everybody’s about to get reset that compliance and security go together hand in hand.” The centralized data layer shared by CompassOne’s various components, he adds, makes satisfying audit requirements simpler.
A few more things worth noting about CompassOne:
1. It’s part of an emerging and still ill-defined product category. Channelholic readers are familiar with data security posture management and have probably encountered application security posture management and (especially) cloud security posture management solutions here and there. Unified security posture management offerings designed to merge those and other functions are rarer.
“Everybody’s making the “posture” word popular, but almost all the posture platforms are siloed,” Estep says. “Nothing’s bringing it all together like CompassOne’s going to do.”
2. It’s not actually a unified security posture management solution. Blackpoint calls it a unified security posture and response solution, in a nod toward its core competency in MDR.
3. It’s not hostile to integrations. To the contrary, Blackpoint emphasizes, connections between CompassOne and products from vendors like Bitdefender, Cisco, ConnectWise, Microsoft, SentinelOne, and Sophos is a big part of what makes the new solution helpful for compliance in addition to security.
“We’re ingesting all this data that comes from all these different devices,” Estep says, so end users can defend themselves from attackers and meet compliance demands. “Because ultimately you have to do both.”
But wait, there’s more security news, from Kaseya
You’d never know it based on this post, but Kaseya introduced a SIEM solution with crazy low pricing last week. I’ll discuss it in a bonus post soon, but why wait to learn more when you can get the inside scoop on the new product straight from the GM in charge of Kaseya’s security suite on the latest episode of the podcast I co-host, MSP Chat?
Also worth noting
The deluge of security announcements we warned you about a week ago arrived right on cue during last week’s RSAC Conference. Too many to possibly list here, but here’s a decent sampling:
Cisco is leveraging data from its Splunk platform to add “Instant Attack Verification” to its XDR solution, and extending its efforts to manage AI security risks through a new integration with ServiceNow.
Palo Alto has added an AI security product named Prisma AIRS, and will acquire Protect AI to bolster the new system’s capabilities.
Charlotte AI Agentic Response and Charlotte AI Agentic Workflows are CrowdStrike’s latest bids to help SOCs move beyond AI copilots toward autonomous security reasoning and action.
Can’t verify this, but CrowdStrike claims Falcon Adversary OverWatch Next-Gen SIEM is the first and only solution to bring managed threat hunting to third-party data.
CrowdStrike and Vectra AI are partnering on network detection and response for SMBs and the midmarket.
Trend Micro’s new AI-powered threat detection functionality draws on NVIDIA hardware and software to help businesses secure AI-driven workloads at scale.
SentinelOne and Cymulate are collaborating to deliver self-healing endpoint security.
Rubrik and Rackspace are collaborating on a new fully managed isolated recovery service.
Malwarebytes has a new global strategic partner program for the consumer side of its portfolio and a free 15-day trial of its OneView platform for the business side.
Abnormal AI has introduced two new security awareness training agents and three no-cost email security upgrades designed to make gateways unnecessary.
Email security needs all the help it can get: 23% of HTML email attachments are malicious, per new research from Barracuda.
Bugcrowd’s new RTaaS (as in red-team-as-a-service) solution is the latest addition to the “aaS” library.
Solutions like the new non-human identity provisioning app from Oasis Security are badly needed now and only getting more so as agentic AI goes mainstream.
Speaking of agentic AI, AppOmni has unveiled a SaaS security Model Context Protocol (MCP) server for agentic AI architectures.
Salt Security has something very similar.
ExtraHop’s new all-in-one sensor is the vendor’s latest step toward unifying NDR, network performance monitoring, intrusion detection, and full packet forensics.
More unifying: CrashPlan’s new platform aims to unify data resiliency and protection for endpoints, servers, and Microsoft 365, with Google Workspace coming soon.
Forcepoint has a new AI-powered data security platform.
Netwrix has DSPM coming to its 1Secure SaaS platform.
Backblaze’s new B2 Overdrive is designed to provide terabit-speed throughput starting at $15 per terabyte.
New functionality from HPE Aruba Networking and HPE GreenLake cloud aims to modernize secure connectivity and hybrid cloud operations.
Rod Squiers is the new CEO at CloudBolt.