MDR, which figured prominently in my conversation with N-able last week, figured prominently in news from security vendor ESET last week during its partner conference in Las Vegas. The company’s had an MDR solution for over a year, and MSPs have been using it too. The updated version unveiled last week, however, has been tailored specifically to MSP needs for the first time.

“It required some changes with ordering, it required some changes with billing, it required some changes in relation to how the MDR service is delivered to sub-organizations in our management consoles,” says Jakub Debski, ESET’s chief product officer.

Those MDR updates were among several announcements last week trained squarely at MSPs and other resource-constrained organizations. The new AI Advisor that ESET rolled out, for example, is designed to address the security skills shortage by giving users round-the-clock access to a virtual security expert. According to Juraj Malcho (pictured), ESET’s CTO, the new system offers customized, real-time advice based on detailed information about specific targets and behaviors. Similar tools from other vendors, he argues, provide less meaningful and hence helpful insights.

“You will get general information about particular MITRE attack techniques, but it’s not going to be exactly the context of your very attack,” he says.

The initial version of the system focuses on incident inspection. Forthcoming updates will expand into threat intelligence and other security domains. The ultimate goal is to help smaller organizations enjoy the benefits of having an analyst on staff without the costs.

“We know that there is a scarcity of people, and companies are struggling with it,” says Juraj Janosik, ESET’s director of artificial intelligence.

Other labor-stretching tools in development include LiveGuard, a cloud-based system currently in beta testing that ESET’s endpoint-based agents can send suspicious files or messages to for further inspection and sandbox detonation, as well as an open XDR solution (not unlike ConnectWise’s Security360) that will give overworked technicians consolidated access to tools from multiple suppliers.

“It’ll allow them to use and deliver security through a single pane of glass for different vendors,” Debski says.

ESET’s partner organization has more training and education programs for MSPs coming as well, according to channel chief Ryan Grant (pictured right at top of post).

“We’re going to pour more money into the enablement piece and really getting people up to speed on where the market’s going and how to be successful and stay relevant with their customers,” he says. “The days of just incentivizing with more dollars and those sorts of things are pretty much gone.”

Follow Me on LinkedIn

Preferred rates on insurance from a prevention-first vendor

One of the topics ESET has been keeping MSPs up to speed on since late last year is cyberinsurance. Not surprising, perhaps, given how often businesses need it and how rarely MSPs understand it.

“We’ve actually got a few different partnerships now with insurance brokers where we’re bringing them in and educating the partners on how to write a right-sized policy for cyberinsurance for their clients depending on how big they are, and what are some of the requirements needed to be able to support that policy,” Grant says.

ESET plans to go further, though, starting round about midyear by introducing a referral program designed to help MSPs get insurance for their customers more easily.

“Think of it as a strategic alliance that we’ve got with the brokers and the insurance providers,” Grant says. Telemetry piped from ESET’s SOC to NetDiligence, a cyber risk management vendor with an extensive cyberinsurance ecosystem, will qualify buyers for preferred rates. ESET’s currently talking to unspecified companies about providing cyber warranty coverage along the lines of what Cork offers as well.

Interestingly, ESET’s “prevention-first” approach to security apparently made negotiating with NetDiligence easier. “Many vendors in our industry focus on detection and response, and that’s reactive,” Debski says. “That’s problematic for the customers and problematic for the insurance companies. We say that focusing on prevention and ensuring that there is no breach is the biggest ROI for everyone.”

Tired of all this security talk?

How about a little compliance talk instead, courtesy of Tim Golden, CEO of GRC vendor Compliance Scorecard and the latest interview guest on the podcast I co-host. Tune in here: