Like everyone in the media, I receive press releases every day. I mean, a lot of them. Ten or twelve dozen, anyway, about pretty much everything under the sun.

Only some of them concern new or updated partner programs, but enough do that it’s easy to let the details of this vendor’s new incentive scheme and that one’s new enablement platform obscure unifying, longer-term themes. I’ve been pondering those themes lately, though, and concluded that these are the two biggest:

Theme #1. Yesterday’s partner program frameworks are woefully out of date.

Theme #2. Vendors have yet to agree on what to do about theme #1.

Let’s start with the outdatedness issue, because there is consensus there. Building partner programs, everyone agrees, was easy back when vendors made products and partners resold them.

“Sell my thing and I will pay you a margin,” explained Ryan Morris, chief channel program strategist at the consultancy I help lead, during a recent episode of the podcast I co-host. “The more you sell, the more margin you will make.”

These days, however, businesses don’t want things so much as solutions involving complex combinations of products from multiple vendors. “We need monitoring, we need remote capability, we need data management and backup and disaster recovery, we need cybersecurity,” Morris (pictured) says. “We can’t get that from a single vendor.”

Or even from vendors alone. Businesses need services in areas ranging from design and procurement to implementation and support at least as much as software to get return on solution investments. They need, in short, an ecosystem of partners with different skills of different kinds for customers of different sizes in different industries.

Which is where things get very complicated very quickly for anyone building a partner program. “I’ve got 10 products in my portfolio, and then I’ve got 10 different types of partners who participate across the lifecycle, and then I go to 10 different target audiences,” Morris says. “The iterations just mushroom. They just go completely insane.”

As do the various mechanisms required to measure and compensate all those partners. “The channel programs have to adapt to recognize the work that gets done and reward value before the transaction, during the sales cycle, and after the implementation,” Morris observes. “Everybody agrees this is the right thing to do, but we are seeing so far very few vendors who have figured it out gracefully at scale.”

Six emerging new rules

That doesn’t mean they’re not trying to figure it out, though. Here’s some of what they’re experimenting with:

1. Points-based reward systems. In older programs, vendors rewarded sales volume and certifications with dollars, in the form of discounts or commissions typically. Newer ones reward a broader range of activities across the lifecycle of a deal, something partners crave, per data from Canalys:

Measuring two things—revenue and certifications—is a lot easier than tracking pre-sales engagement, co-marketing, renewals, and the many other ways partners contribute to sales these days, however. Point-based reward systems, in which partners get points in varying quantities for various actions, have emerged as the most popular answer to that conundrum.

“If they list us on their website or if they leave a Google review, then they get points,” says Kris Blackmon (pictured), director of partner marketing at AvePoint, which introduced a thoroughly modern new partner program just days ago. The more points you get, she adds, the more benefits you get as well.

2. Fewer tiers, or none whatsoever. I’m not sure which partner program was first to feature a silver-gold-platinum tiering scheme, but I’m guessing Adam and Eve were members. “Metallic” tiering structures have been a staple of partner programs for a long, long time. Yet these days, vendors are either reducing tiers (Coro’s new program has just two) or eliminating them altogether, per Paul Edwards, director of software channels and ecosystems at IDC. Edwards recently asked members of the channel leadership council he leads if they planned to eliminate or retain tiers going forward.

“It was almost 50/50,” he says.

AvePoint’s new program takes the middle way. “It’s a hybrid program,” Blackmon says, based around points and tiers, partly for the sake of simplicity. “Points-based systems are great, but they tend to be very complex,” Blackmon notes. “The less we can confuse partners, the better.”

Tiers are an effective motivator too, Morris adds. “If you take that away, it will reward the average and it will punish the elite performers.”

3. More emphasis on competencies and specializations. Program members love the way “gold partner” looks on their website. According to Edwards, almost no one else does.

“It’s not necessarily valuable to an end customer, and quite frankly it’s not valuable to a vendor,” he says. “It doesn’t help the customer understand why they would go with this particular partner.” Specializations do, which is why AWS, Cisco, Microsoft, and many other vendors encourage partners to earn them. Edwards expects competencies to be the defining criteria of most partner programs eventually.

“That’s where ultimately most will go, where the competency is the program,” he says. “There could be a whole lot of things that you already have in a program now, like all the gives and takes in a program, but they’ll be associated with competencies and specializations as opposed to anything else.”

4. Fewer programs for more partners. On average, IDC says, partners today fit into 3.8 business models each, ranging from VAR to MSP to software developer to cloud solution provider and beyond. Making them join 3.8 different partner programs doesn’t make a lot of sense, so vendors are increasingly inviting all of their partners under one big tent. The program Sophos unveiled last month, for example, includes “paths” for resellers, MSPs, MSSPs, GSIs, and more.

5. More co-sales support. Per IDC analyst Steve White earlier this year, partners don’t value sales leads as much as many vendors think. They do appreciate co-sales assistance, however, which is one reason AvePoint offers that benefit to advanced partners in its new program. Another, according to Blackmon, is that close rates rise when AvePoint co-sells.

“The more we have our hands within those sales discussions, the more we know that we can support, we can guide, and we can educate the end customer,” she says.

6. AI-powered automation. Sophos’s new program features an AI sales assistant designed to provide portal navigation, resource location, and sales tips in real time. Barracuda has a similar AI assistant in the works, according to Michelle Hodges, who’s been the security vendor’s senior vice president of global channels since May.

“It allows a partner to open up a referral or a renewal and learn all about the customer and their licensing, and what products they should sell, and how they should position it,” she says.

Edwards sees bigger and better possibilities for AI in partner programs, though, predicting that someday vendors will use it to track competencies earned, deals registered, co-marketing campaigns completed, and many other activities automatically.

“I don’t think any vendor is doing that yet, but I think that’s the future around AI for managing partner relationships and being able to reward partners for everything that they do within accounts,” he says.

Follow Me on LinkedIn

One more reason to listen to my podcast if you don’t already

All those thoughts by Ryan Morris about the past, present, and future of partner programs I just quoted come from an interview he did in a recent episode of MSP Chat. The very latest episode, moreover, features an interview with a senior leader at Xurrent, the service management newcomer I wrote about in April. Check it out here.

N-able heard the buzz about AI SOCs at Black Hat. It’s just not buying it.

If I have any regret about attending IT By Design’s Build IT Live conference a few weeks ago (and I don’t) it’s that I missed this year’s Black Hat conference as a result, and therefore missed all of the hype excitement about AI SOC solutions. Forrester, for example, counted “at least a half-dozen booths—some of them very large—proclaiming the ’first AI-powered SOC’”.

Robert Johnston (pictured), the general manager in charge of N-able’s Adlumin unit, saw the same thing during the show and asked analysts he met with there to explain what distinguishes AI SOC services from the AI-powered MDR/XDR service he provides.

“Every single one of them just smiled and shook their head,” he recalls. “There’s no difference. You’re one and the same.”

Which is kind of what Johnston felt going into those conversations. “We’re easily able to replicate their agent-based AI response capabilities and agent-based AI analyst capabilities,” he says. Indeed, AI is already handling 70% of Adlumin’s incident investigation and threat remediation activity without any human assistance.

“The result is wickedly, crazy fast response times,” Johnston says, as in five seconds to identify an event and 15 seconds to begin responding.

“If a human analyst had to look, investigate, reason, and make a decision about what to do about that particular event, you could be looking at 15 minutes or 30 minutes,” Johnston says. “A lot can happen in 15 minutes or 30 minutes.”

Which is why Johnston predicts that as AI foundation models get more powerful and Adlumin gets better at leveraging them, it won’t be longer than a year or two before the percentage of events requiring human intervention shrinks from today’s 30% to zero and the company’s human analysts all become (my words, not his) “agent bosses” doing quality assurance on an army of bots.

“They will be monitoring the model, changing the model, improving the model, and making it more effective in both reasoning and response,” he says.

Of course, the AI SOC vendors will all reach that milestone eventually too. What they’ll lack when they get there though, according to Johnston, is the maturity that only years of experience on the front lines of managed security can get you.

“AI SOC companies without an MDR backbone are just less capable MDR companies,” Johnston says.

Four more quick points on Adlumin, AI, and MDR

1. Johnston’s prediction that bots will be doing 100% of the work analysts do today within two years gives you a sense for how rapidly AI-based security capabilities are improving. Per N-able’s 2025 State of the SOC Report, fully 86% of alerts required human validation and 10% required MDR team intervention as of January and February this year.

2. Yes, many MSPs have reservations about letting AI essentially run SOCs autonomously at present, but Johnston doesn’t expect that to last much longer.

“MSPs are getting very comfortable with the technology. They’re using it themselves, they’re forming business models around it, and it’s working,” he says. “12 more months from now, they’ll be asking you why you aren’t using AI.”

3. Every time a new model comes out, “the number of parameters doubles, the cost cuts in half, and the size of the model decreases by 30%,” Johnston says. “All of that is going to lead to better MDR.”

But also cheaper MDR if the cost’s dropping that quickly, right? Don’t count on it, Johnston says. MDR services may cost progressively less to deliver in the years ahead, but they’ll also resolve progressively more alerts more rapidly and effectively.

“I don’t think prices will go down because the value has increased so much,” Johnston suggests.

4. My conversation with Johnston took place shortly before CISA publicly disclosed two new additions to its Known Exploited Vulnerabilities Catalog involving N-able’s N-central RMM product. So I followed up to see how Adlumin’s SOC did in protecting users from those flaws. Here, in full, is what the company said in response:

Two critical vulnerabilities were identified within the N-able N-central solution—which require authentication to exploit—and could allow a threat actor to elevate their privileges and maliciously use N-central if not patched. We acted quickly to release a hotfix to address these vulnerabilities, which we have communicated to all N-central customers. Our security investigations have shown evidence of this type of exploitation in a limited number of on-premises environments. We have not seen any evidence of exploitations within N-able hosted cloud environments. Our commitment to security and transparency will continue; we have reserved two CVEs (CVE-2025-8875, CVE-2025-8876) that relate to this hotfix which we will release in the coming weeks. We’ll update customers with any additional information that becomes available as our investigation continues into this matter.

Share

Also worth noting

• SuperOps and AWS, in a move reminiscent of what Pax8’s up to, have launched an agentic AI marketplace.

• Thread, who you’ve read about here recently, has raised $8 million of funding and named a new CEO.

• Trend Micro has unveiled an AI‑powered SIEM with agentic and digital twin capabilities.

• SonicWall’s nine new Generation 8 firewalls feature integrated zero-trust network access, built‑in cyber warranties, and more.

• Q-day approaches, so Palo Alto now offers a Quantum Readiness Dashboard and new quantum‑optimized firewall hardware.

• Malwarebytes has named former Sophos channel chief Kendra Krause the new GM of its ThreatDown business security unit.

• Rubrik’s new “Agent Rewind” solution is designed to undo unintended changes made by pesky AI agents to files, configurations, and databases.

• Fortinet’s FortiRecon solution now aligns with the Continuous Threat Exposure Management (CTEM) framework.

• The MSP edition of 1Password’s Enterprise Password Manager is now on the Pax8 marketplace.

• GoTo’s LogMeIn Resolve RMM now integrates with SentinelOne EDR.

• We told you Sherweb’s going deep on security, and the company’s expanded portfolio of curated security solutions for MSPs is the latest proof.

• Impartner has a new partner playbook for turning AI goals into measurable results.