I devoted much of my last post to two startups automating managed services in interesting—and increasingly autonomous—ways with AI. Judging by the traffic numbers, more than a few of you found those writeups useful.

So how about a couple more?

Like Cyft and Devicie, which I wrote about last week, the vendors I have in mind this time are building natively around AI rather than layering it on top of legacy workflows and interfaces. Unlike Cyft (which is developing nothing less than an AI-enabled “operating system for MSPs”) and Devicie (which wants to remove humans from the device management loop), the use cases Thread and InfiltrateIQ have in mind are much more specific.

In the case of Thread, that use case is service delivery. Or at least it is now. The company’s initial mission, per earlier coverage, was to automate away the issues that make manual ticketing painful for end users and technicians alike. Today, its vision (newly updated on its website as of this week) is to automate more or less everything an MSP’s service desk does end to end.

AI is very much at the heart of that vision. In its original incarnation, Thread’s platform employed what the company calls “assistive AI” to categorize, title, prioritize, and time track incoming tickets for MSPs based on input collected from customers by chatbots in Slack and Teams. More recently, it’s drawn on agentic AI and integration with high-flying RPA vendor Rewst to triage tickets more thoroughly and—in about 10% of cases involving simple tasks like password resets—close them autonomously.

That alone, Thread says, shortens time to resolution on service incidents by 30-35% on average. The numbers will go up from there soon though, the company promises, when voice AI technology arrives to interact with clients via phone, SMS, WhatsApp, and iMessage.

“You can have an AI agent triage a ticket after hours when current employees aren’t available,” says Paralee Walls (pictured), Thread’s head of marketing. “The technicians will have a ticket ready to work the next morning, rather than just a voicemail recording.”

Additional AI-powered technology capable of making real-time decisions about which ticket goes to which tech in what order based on their skills and availability is due a short time later.

“That’s the last mile of dispatch that we’re focused on closing,” says Bobby Jones, Thread’s head of growth. When that’s done, he adds, the end result will be what Thread calls the managed services world’s easiest, most effective “AI service desk.”

If that sounds somewhat less ambitious than what other vendors bringing AI to MSPs are building, that’s because it is, and intentionally so. Thread’s strategy is to seize first-mover advantage in a big addressable market by automating one thing MSPs do rather than everything. Cyft, for example, has agentic sales, finance, and customer success functionality on its roadmap.

“We’re focused on the service desk,” Jones says.

And simplicity as well, which is why Thread’s software trades some of the customizability provided by vendors like Hatz AI (which came up in a recent post) for ease of implementation. “If you want to build your own LLM, Thread’s not the product for you,” Jones concedes. If your priority is getting ROI from AI quickly though, it is.

“We’re getting MSPs to value on the first day of using our product,” Jones says.

Time will tell if that gets Thread to an IPO or acquisition swiftly as well. In the meantime, the company’s gearing up for AI Service Unleashed, its first user conference, this September. According to Walls, the modestly scaled (50-ish attendees and maybe five sponsors) invitation-only gathering will focus on thought leadership versus product pitches.

“This is our opportunity to plant the flag and say that if you’re an MSP and you want to know more about how to use AI and automation, Thread is who you go to,” she says.

InfiltrateIQ’s AI to Z approach to pen testing

If you think Thread’s approach to AI for MSPs is targeted, wait until you meet InfiltrateIQ, as I did at a conference late in April. The young company doesn’t just focus on penetration testing. It focuses on a particular kind of penetration testing.

“What we’ve developed is a fully AI-operated penetration test for websites, web applications, and APIs,” says Bill Raickovic (pictured), InfiltrateIQ’s managing director.

That’s something a lot of businesses don’t even know they need, according to Spencer Fairbairn, the company’s co-founder and development lead, who says people tend to think “network” when they hear pen test. “They don’t realize that there are many other forms of penetration testing, one of which is the website, API, and web application.” As a result, Fairbairn continues, Vana, InfiltrateIQ’s AI platform, almost always finds flaws.

“If the customer has never done a pen test at all, there’s practically a 100% chance there’s going to be something on the site that’s wrong,” Fairbairn says.

Of course, Sxipher, ThreatMate, and Kaseya’s Vonahi unit among others also claim to automate pen testing. InfiltrateIQ says they don’t, however. According to Raickovic, the company researched about 20 such vendors before its founding in 2023.

“There was always a manual part to the process,” he says, adding that any AI the vendor employed mostly helped with tasks like report writing. “We’ve developed an AI that literally does everything from A to Z.”

And at machine speed too. Human-powered pen tests typically take anywhere from a few weeks to a few months. InfiltrateIQ does it in one to two days.

“You go log onto your dashboard, you put in the URL, and you schedule the test,” Raickovic says. “24 to 48 hours later you get an email telling you to download the reports.”

Unlike the $20,000 or more vendors often charge for one test, InfiltrateIQ charges $375 a month (billed annually) for 12. According to Raickovic, MSPs generally resell the tests for a few thousand dollars each.

“We’re doing a win-win situation here where the customer saves money and the MSP has a fantastic margin,” he says.

InfiltrateIQ does vulnerability scanning in addition to pen testing. An annual $249 per month contract includes 180 scans, which works out to 15 a month at $16.60 each, Raickovic notes. An additional website defense service priced at $749 a month uses AI-powered detection and response technology to protect websites from AI-powered attacks in real time.

Rates like that make affordability an unlikely sales objection. Trust, however, is another matter. Some potential users worry about a fully autonomous digital pen tester missing some risks and hallucinating others.

“That’s really the only challenge we’ve had,” Raickovic says.

Follow Me on LinkedIn

Happy(ish) AI Appreciation Day

Remember EVE?

Me neither. The obscure cinematic exercise in AI doomerism came and went quickly, leaving little behind except a clever marketing gimmick—the first AI Appreciation Day.

That took place on July 16, 2021, and other than some unclaimed merch little of that landmark remains. Yet four years later, thanks less to movie magic than the $644 billion market brought into being the following year by ChatGPT, AI Appreciation Day lives on.

Given that they wouldn’t exist without AI, I’m guessing the folks at both Thread and InfiltrateIQ joined in this year’s celebrations two days ago. Hard to know for sure, though, who else had cause to join them.

• People on the receiving end of the roughly $70 billion investors have poured into AI vendors just in the first half of 2025 (up from $58.7 billion for all of last year) probably celebrated. All the non-AI vendors crowded out of the venture capital market probably didn’t.

• Software makers producing code faster? Appreciative. Software makers who only think they’re producing code faster? Maybe more appreciative than they should be.

• SOC operators like N-able, which has amplified manual threat hunting capabilities 153x thanks to AI, no doubt raised a glass in appreciation. SOC analysts like the security professionals Bitdefender surveyed last year probably didn’t, given that 96% of them consider overreliance on AI for security purposes a potential threat. Same goes for the security pros ISC2 polled more recently.

• The nearly 85 million people globally who’ll lose a job this year due to AI per a recent study probably didn’t celebrate, especially if they were replaced by the AI they helped code. The 97 million people who’ll gain a job due to AI this year per the same study probably did (especially if the gig came with a nine-figure contract).

• The many people getting more done and making more money with AI’s help were undoubtedly pretty appreciative. The many others who are burned out, bored, sinking into cognitive debt, and losing their critical thinking skills would probably be less appreciative if they still had the brain power to care.

• Businesses set to cash in on a massive forthcoming wave of data center construction by Google, Meta, Microsoft, and many others? Appreciative. People who live next door to an AI data center? Less so.

• MSPs enjoying 40% labor savings and 75% cost savings using AI? Appreciative. MSPs at risk of seeing their top and bottom lines drop 15% because they failed to keep up with AI? Apprehensive.

• Managers anticipating a 30% per employee boost from agentic AI? Celebratory. Managers behind one of the many agentic AI projects doomed to failure in the next two years? Not so much.

• People worried about debt and deficits? Appreciative. People with a high p(doom), like these guys? Maybe not.

• And yours truly? Pretty appreciative given all the storylines AI has sent my way, not to mention the speaking opportunities. See you at MSP Summit in September!

Share

Speaking of AI…

We talk about it a lot on MSP Chat, the podcast I co-host, with c-suite executives from N-able, Pax8, Sophos, and beyond. Security too. The latest episode features a deep dive into interesting new research from Barracuda and its implications for achieving growth in managed services.

Also worth noting

• We told you this was coming months ago: Insurance distributor Amwins is offering ESET users preferential rates.

• Okta and Palo Alto have rolled out a new conditional access method that limits SSO app usage rights via the latter’s Prisma Access Browser.

• SentinelOne has a big new cloud security solution.

• KnowBe4 does email security for SMBs now in addition to security awareness training.

• Hot on the heels of Rewst, 1Password is the latest of many vendors to ship an MCP Server.

• Stellar Cyber has rolled out a new edition of its SecOps platform as well as new identity threat detection and response functionality.

• Trustwave (soon to be part of LevelBlue) now has managed phishing for Microsoft 365.

• SecOps platform maker Blumira has updated detection filters, automated compliance reporting, and more.

• Deepwatch has signed on to the Google Cloud Managed Security Services Provider Initiative.

• With its new fiscal year now underway, Microsoft has introduced expanded partner benefits aligned with three tech priorities: AI business solutions, cloud and AI platforms, and security.

• GoTo’s LogMeIn Resolve RMM system now integrates with HaloPSA.

• Extreme Platform ONE, from Extreme Networks, adds conversational, multimodal, and agentic AI to networking.

• Eaton is collaborating with NVIDIA on the special challenges of powering AI data centers.

• CloudBolt’s finops platform is now available through Ingram Micro.

• You can now get Aryaka’s Unified SASE as a Service through TD SYNNEX.

• LogicMonitor’s agentic AI solution for ITOps is now on the AWS Marketplace.

• CrowdStrike’s added some products to the AWS Marketplace too.

• As has CyberArk.

• Rajnish Mishra is the new chief development officer at SonicWall.

• The ASCII Group has a new member portal.