Apologies, readers. This post is a couple days late, partly because I came home from a week spent covering two events IRL and a third (CrowdStrike’s) remotely laden with more thoughts than I could sift through by Friday. My sifting’s now complete, but before we begin, allow me to list four facts that explain much of what you’re about to read. According to Canalys:

• IT spending will grow 8% this year.

• Security spending will grow an even greater 11%.

• Spending on security services will climb a greater still 13%.

• Spending on managed security services will climb a greatest yet 15%.

Pretty much every vendor I met with last week is aligning its products and partner programs to the needs of security-oriented MSPs as a result of such projections. N-able is as good a first example as you’ll find.

Yes, the managed services software vendor has added new features to its cloud management solution and rolled out an AI-powered integration tool (on which more in a moment) in recent months. But its biggest moves, I’d assert, have all related one way or another to security.

And I did, in fact, assert exactly that during a conversation with CEO John Pagliuca (pictured right) last week at the MSP Summit in Las Vegas, at which point he gently corrected me. “It’s not necessarily the word security,” he said. “It’s really the word resilience.”

As in cyber resilience, the ability to avoid or bounce back from attacks using a mix of security software and BDR solutions. “Everything we’re really leaning forward on is based around that cyber resilience play,” Pagliuca says.

And indeed, N-able’s investing heavily in resilience in ways that are paying off tangibly: the company’s Cove Data Protection solution is its number one revenue generator at present, Pagliuca says, and the MDR solution it acquired along with Adlumin last November is currently the top sales pipeline contributor.

The Adlumin deal, significantly, got N-able into XDR along with MDR, per co-founder and former CEO Robert Johnston (pictured left), who’s now general manager of N-able’s Adlumin business unit. Most people don’t know that the company was originally a channel-focused SIEM vendor, he explains. “Then we deployed MDR on top of that from the endpoint through the network to the cloud.” N-able partners today can choose whether to use just the software, just the service, or both.

“It allows us to meet them exactly where they are,” Pagliuca says.

There are more resilience-related investments coming too. The company’s adding enhanced support for Linux devices, Macs, and third-party Windows apps to its patching software, and finalizing a new vulnerability scanning system. Those projects are closely related, according to Pagliuca.

“Vulnerability and patching really go hand in hand,” Pagliuca says, because a patch is often the best answer to a newly exposed security gap. Currently in limited preview, the scanning tool will become available to all RMM users later in the year.

Two final observations about N-able’s past and present resilience moves

1. They fit comfortably within N-able’s version of the platform strategy that every managed services software player is pursuing. “Our customers want and need a platform because one customer has many needs in our world,” Johnston observes.

2. They also fit comfortably in N-able’s ecosystem (or “ecoverse” per N-able’s preference) vision. We’d love nothing more than to sell MSPs everything they use, Pagliuca says. “But we also know that MSPs on average are leveraging like 17, 20 different SaaS applications. Their tech stacks are growing because their customer needs are growing, and we don’t believe a closed loop system would fit all those needs.”

Hence the AI-powered API tool I alluded to before (which Ingram Micro would probably appreciate). “If you’re an MSP and you want to build an API integration between a piece of N-able technology and something in your stack, you don’t need to go code it. You can just use natural language,” Pagliuca says. “What might’ve taken you hours, literally hours, to build you can now write in 30 seconds by just typing this into the AI tool.”

ESET’s MSP ambitions

MDR, as it happens, figured prominently in the news from security vendor ESET’s conference in Las Vegas last week. The company’s had an MDR solution for over a year, and MSPs have been using it too. The updated version unveiled last week, however, has been tailored specifically to MSP needs for the first time.

“It required some changes with ordering, it required some changes with billing, it required some changes in relation to how the MDR service is delivered to sub-organizations in our management consoles,” says Jakub Debski, ESET’s chief product officer.

Those MDR updates were among several announcements last week trained squarely at MSPs and other resource-constrained organizations. The new AI Advisor that ESET rolled out, for example, is designed to address the security skills shortage by giving users round-the-clock access to a virtual security expert. According to Juraj Malcho (pictured), ESET’s CTO, the new system offers customized, real-time advice based on detailed information about specific targets and behaviors. Similar tools from other vendors, he argues, provide less meaningful and hence helpful insights.

“You will get general information about particular MITRE attack techniques, but it’s not going to be exactly the context of your very attack,” he says.

The initial version of the system focuses on incident inspection. Forthcoming updates will expand into threat intelligence and other security domains. The ultimate goal is to help smaller organizations enjoy the benefits of having an analyst on staff without the costs.

“We know that there is a scarcity of people, and companies are struggling with it,” says Juraj Janosik, ESET’s director of artificial intelligence.

Other labor-stretching tools in development include LiveGuard, a cloud-based system currently in beta testing that ESET’s endpoint-based agents can send suspicious files or messages to for further inspection and sandbox detonation, as well as an open XDR solution (not unlike ConnectWise’s Security360) that will give overworked technicians consolidated access to tools from multiple suppliers.

“It’ll allow them to use and deliver security through a single pane of glass for different vendors,” Debski says.

ESET’s partner organization has more training and education programs for MSPs coming as well, according to channel chief Ryan Grant.

“We’re going to pour more money into the enablement piece and really getting people up to speed on where the market’s going and how to be successful and stay relevant with their customers,” he says. “The days of just incentivizing with more dollars and those sorts of things are pretty much gone.”

Follow Me on LinkedIn

Preferred rates on insurance from a prevention-first vendor

One of the topics ESET has been keeping MSPs up to speed on since late last year is cyberinsurance. Not surprising, perhaps, given how often businesses need it and how rarely MSPs understand it.

“We’ve actually got a few different partnerships now with insurance brokers where we’re bringing them in and educating the partners on how to write a right-sized policy for cyberinsurance for their clients depending on how big they are, and what are some of the requirements needed to be able to support that policy,” Grant says.

ESET plans to go further, though, starting round about midyear by introducing a referral program designed to help MSPs get insurance for their customers more easily.

“Think of it as a strategic alliance that we’ve got with the brokers and the insurance providers,” Grant says. Telemetry piped from ESET’s SOC to NetDiligence, a cyber risk management vendor with an extensive cyberinsurance ecosystem, will qualify buyers for preferred rates. ESET’s currently talking to unspecified companies about providing cyber warranty coverage along the lines of what Cork offers as well.

Interestingly, ESET’s “prevention-first” approach to security apparently made negotiating with NetDiligence easier. “Many vendors in our industry focus on detection and response, and that’s reactive,” Debski says. “That’s problematic for the customers and problematic for the insurance companies. We say that focusing on prevention and ensuring that there is no breach is the biggest ROI for everyone.”

CrowdStrike’s bet on SIEM services

ESET’s devotion to left-of-boom prevention isn’t the only thing insurers like about it. They also appreciate how much data they get from the company’s platform, which spans from endpoint protection and mobile threat defense to cloud application protection, MFA, and beyond.

And as we’ve stated before, insurers are far from alone in having a soft spot for platforms. MSPs love them too. “Having everything done from just one provider is the simplest and the cheapest for them,” Debski says. “It’s basically a win-win situation.”

Count CrowdStrike, a company with a sprawling, deeply integrated platform of its own, among the winners in that equation, according to Daniel Bernard (pictured), the company’s chief business officer. Revenue was up 29% to $3.95 billion in the fiscal year concluded this January. Partners accounted for 60% of that business.

“Consolidation is really what’s happening in the security market,” Bernard explains. “Partners are saying, ‘I want to place a few bets versus 70-plus bets.’”

Especially, he asserts, when the few bets involve a platform with 29 modules and just one agent used by what CrowdStrike says is 300 members of the Fortune 500. “The product wins,” Bernard says.

Much like ESET, CrowdStrike has its eye squarely on services, albeit professional services in its case. During its 2025 Americas Partner Symposium in Park City, Utah, last week, the company introduced a first-ever partner program aimed at rewarding MSPs, MSSPs, and integrators for helping end users replace outdated SIEM solutions with CrowdStrike’s Falcon Next-Gen SIEM offering.

“We’re getting a lot more programmatic to help partners that do some services capture the opportunity that Next-Gen SIEM is today in the market and will be for the next couple years,” says Bernard, adding that the CrowdStrike product has displaced over 2,000 existing deployments since its introduction roughly a year ago. That’s just a fraction of a much larger addressable market, he continues.

“We want partners to be involved in and to help drive the SIEM transformation,” Bernard says. “That’s the opportunity.”

The outage last summer that briefly made CrowdStrike infamous (and that CrowdStrike handled about as well as one can under such circumstances, I’ve argued in the past) hasn’t dissuaded partners from going after such opportunities alongside the company.

“Partners are doing more with us than they’ve ever done before,” Bernard insists. “Great companies and great teams either rise to the occasion or fall apart, and I think if anything, our last year showed our ecosystem that they were betting on the right horse.”

Share

Sectigo’s turning on the certificate management lights

CrowdStrike, clearly, is excited about SIEM replacement. Getting service providers similarly excited will probably take some work, but not as much work as Sectigo has ahead of it regarding a rapidly emerging revenue opportunity more or less hiding in plain sight: TLS certificate management. Every MSP knows what certificates are, observes Mark Bloom (pictured), senior director of North America channel sales at Sectigo. Far fewer buy and renew them on behalf of their clients, or even understand why they should.

“If there’s no why behind doing something, there’s never going to be an initiative that pushes it forward,” Bloom says. “We have to do a better job of educating the community on the why factor.”

And there is in fact a compelling why factor, arguably several of them. First and foremost, the traditional 398-day lifespan of a digital certificate is likely to shrink soon, to 90 days if a pending proposal by Google is approved and just 47 days if Apple gets its way. That could drop to one day a few years from now too, Bloom predicts, when quantum computing makes encryption algorithms dangerously vulnerable.

Which means we’re likely headed toward a future in which expired certificates become more common, which also means things like satellite networks going down unexpectedly become more common too. Renewing certificates, however, takes three to eight hours each on average, according to Bloom.

“It’s a lot of work, especially if you’re having to do renewals six to eight times a year,” he says.

Small businesses can’t take that on, and larger ones don’t want to. “It takes them away from doing and implementing projects that they could be working on,” Bloom says.

Hence the opportunity Sectigo, which both issues certificates and sells solutions for managing them, is evangelizing. “Having MSPs take over that management piece of it for their customers adds a new line of business for them that’s probably not in their repertoire today,” Bloom says.

It’s a sticky line of business too, he adds, both because transferring certificate management from one MSP to another is complicated and because the service adds potentially differentiating value to otherwise commoditized contracts.

These days though, according to Bloom, most MSPs don’t even know how many certificates a given client has until Sectigo tells them. “There’s a lot of times we get on the phone with partners and say, ‘they bought 30 in the last five days. Did you even know about it?’” he notes. The honest response to that question—no—gets people wondering how many other customers have certificates they’re not aware of.

“I equate it to turning on the light switch,” Bloom says. “The room’s dark and when you bring this problem to them the light goes on and then they start seeing it everywhere.”

Deal registrations rose close to 100% as a result last year, he adds. Most MSPs are still living in darkness just the same.

Tired of all this security talk?

How about a little compliance talk instead, courtesy of Tim Golden, CEO of GRC vendor Compliance Scorecard and the latest interview guest on the podcast I co-host. Tune in here:

Also worth noting

• New integrations with AT&T and Datagate aim to make procuring and billing connectivity services easier for HaloPSA users.

• Syncro’s growing platform now has a Network Discovery solution that finds and manages network-connected devices at no additional cost.

• That SIEM partner program I discussed above wasn’t the only thing new from CrowdStrike last week. It’s also added network vulnerability assessments to its Exposure Management solution.

• AD360, ManageEngine’s IAM solution, has 100 new pre-built integrations with a wide range of third-party solutions.

• Speaking of IAM, SailPoint’s new Harbor Pilot offering uses AI agents to automate a variety of identity security tasks.

• Abe Ankumah is the new chief product officer at 1Password.

• The latest update to Keeper Security’s WearOS app for Android features a redesigned interface, one-tap access to 2FA codes, and more.

• The Techs + Together MSP community has inked a global distribution agreement for the complete portfolio of Bitdefender cybersecurity solutions.

• Exclusive Networks is Fortinet’s newest Engage Preferred Services Partner.

• Managed network security vendor LevelBlue has a new partner program for MSPs, MSSPs, and resellers.

• Ugh. Legacy secure email gateways miss an average of 67.5 phishing emails per 100 mailboxes every month, according to new research from IRONSCALES.

• Arrow Electronics partners have a whole new range of AI-oriented managed and professional services to leverage.

• Zyxel has two new Wi-Fi 7 access points for growing SMBs.