Seceon Goes a Third Way on MDR
Leveraging AI, the security vendor aims to let MSPs run a SOC of their own affordably. Plus: ASCII Group turns 40 and Channel Program adds contract management.
In a perfect world, every MSP would have a SOC of its own staffed 24/7 with impressively credentialed analysts thoroughly familiar with every client’s environment.
In our world, building a SOC costs millions of dollars ($2 to $4 million, to be precise, according to ConnectWise), and finding let alone paying impressively credentialed analysts is an uphill slog.
Hence the popularity of outsourced security services generally and managed detection and response services more specifically. According to new research from Canalys and N-able, in fact, 51% of MSPs currently provide MDR and 76% expect their MDR business to grow in the next three years. Canalys analyst Robin Ody, moreover, expects MDR to be the top growth engine for MSPs globally in 2024.
Data like that only validates a trend long familiar to security vendors, which is why Sophos, Kaseya’s RocketCyber unit, and Barracuda Networks have been offering MDR for years and both SonicWall and WatchGuard—not to mention N-able itself—have entered the MDR space themselves in recent months.
That’s a great development for MSPs, who have more and better options to choose from than ever before. But still…wouldn’t it be great if an MSP could enjoy all the benefits of having its very own SOC without shouldering the huge costs?
Seceon insists not only that they can but that they’re making a big fat mistake if they don’t. “Seceon believes that MSPs should not outsource control to another vendor for something like detection and response, or outsource their profits,” says William Toll (pictured), the company’s VP of marketing.
The core of Seceon’s strategy for sparing MSPs that fate is a heavily automated SIEM/XDR platform that employs AI and machine learning to monitor the billions of data points flying in, out, and through a typical end user environment every day. A component called aiXDR-PMax shipped last fall collects data from a user’s EDR and endpoint protection stack while an even newer cloud-based addition named aiSIEM-CGuard, introduced last week, does the same for data from CrowdStrike, Okta, Zscaler, and pretty much any other third-party vendor that supplies telemetry over the web.
In all, the platform integrates with some 180 log sources, plus dozens of flow, ticketing, and other solutions. It automates response as well as detection too, drawing on prefab templates drafted by Seceon as well as if-then playbooks users can create themselves via a drag-and-drop interface.
In Seceon’s view, to be clear, all of that autonomous functionality isn’t a good enough, more affordable alternative to hiring analysts or an MDR vendor. The platform’s AI engine, the company insists, makes it a better, more affordable alternative to in-house and outside experts.
“We’re ingesting over 70 threat intelligence feeds and applying those across all that telemetry we’re ingesting,” Toll says. “There’s really no human who could do that.”
An outsourced human who somehow could correlate all that data would be at a disadvantage anyway, adds Chandra Pandey, Seceon’s CEO. “The MSP knows their customer environment much better than anybody out there, because they are the ones who are running their applications, their identity, their services, and maintaining their accounts.”
It's a bold claim, needless to say—an AI-automated security platform capable of outperforming a room full of CISSPs. If that’s truly what Seceon has created, though, it could be more than a third choice for anyone weary of both SOC-of-your-own and SOC-as-a-service, but early evidence of AI’s power as a force for security good as well as evil.
At age 40, The ASCII Group is younger than ever
More data from that Canalys/N-able study I cited earlier: Collectively, more than 340,000 channel partners worldwide will pull in over half a trillion dollars of managed services revenue this year.
Figures like that were hard to imagine back in 2007, when I wrote my first article about managed services. They were impossible to imagine in 1984, when IT community The ASCII Group was founded, because managed services as we know it today didn’t even exist. Indeed, the first IBM PC was scarcely three years old at the time.
And yet, 40 years later ASCII is not only still around but as relevant to its members as ever, a somewhat astonishing fact given how swift, extreme, and continuous change is in our industry and that barely a fifth of businesses in any industry even makes it to 20. ASCII has beaten those steep odds by staying true to an all-important thread of continuity.
“We change with the times, but we hang on the same model that we began with, leveraging the power of a community of like-minded businesspeople,” says Alan Weinberger (pictured), the organization’s founder and CEO.
The critical words there are “community” and “power”. ASCII Group brings value to members in a lot of different ways, but its fundamental mission is using the power of collective action to level the playing field between independent IT providers and tech sector giants. In ASCII’s earliest days, those giants were mostly vendors unwilling to offer small computer dealers the same pricing they gave big ones.
“If you put a group together, they have better buying power so they can probably get better leverage with the vendors,” Weinberger says. “Individually, divide and conquer, the vendors could conquer them, but as a group, they couldn’t go around them.”
Now that most resellers are MSPs too, it’s not IBM and Compaq wielding outsized power but a growing cohort of big, private equity-backed managed services rollups with budgets and resources much smaller providers can’t match on their own. Through its marketing programs, business services, and other benefits, ASCII helps its members enjoy conglomerate-style efficiencies without actually getting conglomerated.
“Many of our members are really happy being autonomous,” Weinberger observes. “They don’t want to be part of a big organization.” And because there will always be IT providers like that, he continues, ASCII’s appeal is essentially timeless.
“We’ll always be around, because everybody’s not going to be rolled up by one or two big companies,” Weinberger says.
Vendor longevity tips
Much as scientists mine the world’s so-called “Blue Zones” for the secrets to a long, healthy life, vendors that do business with MSPs would be wise to study The ASCII Group’s longevity in the channel for insights. Three in particular stand out:
Pay respect: MSPs are intelligent people. The ASCII Group treats them that way. “We give them the tools, we give them the programs, we give them the resources, but at the end of the day, they’re the ones making the informed decisions,” says VP of Marketing Alysia Vetter. “We’re not pushing an agenda.”
Pay attention: ASCII offers strategic advice to members, but its real superpower is listening to them. That’s where most of the group’s most successful innovations have come from, in fact, according to ASCII President Jerry Koutavas. “We have the unique privilege of having such a close relationship with this community of MSPs that they were willing to fuel all of the ideas that we presented over the years,” he says.
Concentrate on culture: Koutavas has been with ASCII over 25 years. Vetter has been there over a decade. They’re not exceptions. “A lot of staff been here a long time,” Weinberger says, noting that they contribute an invaluable depth of experience as a result. Building the kind of organization talented people hate to leave is the best way to earn that sort of loyalty.
Channel Program keeps building
It would be wrong to say that Channel Program and Channelholic have grown up together, given that the former came into being over two years ago and the latter debuted last March. But it’s fair to say both organizations have grown a lot in the last year.
Channel Program’s growth has built on the mission it’s pursued since birth: driving engagement between MSPs and vendors in ways that “take friction out of the equation” for both parties, to quote CEO and co-founder Kevin Lancaster (pictured).
On the MSP side, that originally revolved around virtual events, product reviews, and other resources that let users research solutions without receiving unwanted sales contact. Vendors, conversely, got new ways to pitch their offerings to MSPs and earn opt-in permission for follow up in the process.
That vision has expanded in the last year, beginning with the rollout of a partner relationship management platform designed to centralize and simplify interaction between vendors and MSPs, and continuing with last summer’s introduction of NaviStack, a system that lets MSPs create a layout of all the solutions in their current product stack.
The response to NaviStack has frankly caught its developers off guard. You can understand why the tool’s taken off, though, when you learn that users have logged over 16,000 products to date, that one particular user has 124 solutions in their stack, and that most MSPs use Excel spreadsheets to manage all of that complexity.
“It’s a category changer,” says Kelly Stone, Channel Program’s CMO. “NaviStack takes away this pain point that has existed for generations of MSPs.”
It presents opportunities to eliminate further pain points as well, like contract management. New functionality added to NaviStack this week tracks renewal dates on subscription services in an MSP’s stack and alerts users as they approach. “It’s really designed as a fail-safe to ensure that you don’t accidentally renew another contract that perhaps you’re not pleased with,” Stone says.
Further expansions are in the works, according to Lancaster, who’s especially intrigued by the insights NaviStack could provide in areas like which solutions in a given user’s stack are most and least popular with peers.
“I think there’s ways that we can take the data that we’re seeing and help the MSPs make better decisions about their stack and the technologies that they should be considering or looking at,” he says.
In a further effort to share insights announced this week, Channel Program has acquired RocketMSP, a peer group and educational resource that specializes in a form of content increasingly popular among MSPs, as well as pretty much everyone else on Earth.
“The world’s going to video,” Lancaster observes, and buying RocketMSP arms Channel Program to up its video game. Steve Taylor, the company’s founder and CEO, will continue to run it under its new ownership.
“He’s a former MSP,” Lancaster notes, “and has ability to translate a lot of the kind of technical stuff into terms that the MSPs understand.”
As long as that remains something MSPs need, Channel Program and Channelholic will both have plenty of runway for further growth.
Also worth noting
Applications are now open for ConnectWise’s 2024 PitchIT accelerator/competition for startup vendors. Sign up now if a $70,000 grand prize sounds good.
Microsoft keeps cloning Copilots. The latest are for sales and customer service.
CrowdStrike and cyber-insurer At-Bay are collaborating on an MDR solution for SMBs, a big target for CrowdStrike and other big names in security.
Speaking of big security vendors courting SMBs, Check Point has introduced firewalls for them. It’s also shipped a GenAI automation and support tool and revamped partner program.
Vade’s move on the AI front this week was shipping a new spear-phishing detection engine designed, among other things, to spot malicious AI-generated emails.
SentinelOne has added 24/7 real-time threat hunting, anomalous behavior detection, and more to its WatchTower and WatchTower Pro managed threat hunting services.
CloudBolt has an ambitious series of cloud financial management features coming.
Own, better known until recently as Own Backup, has a new partner program.
JSG has named Patricia Rush its new chief partnership officer.