1. It’s still all about platforms in security

It’s not hard to envision a world in which the challenges of AI security broadly and agentic security specifically lead big-time platformization proponents to adopt point solutions with capabilities not available in their platform of choice. Based on my RSAC conversations last week, platform-of-choice vendors aren’t worried much about that vision becoming reality.

Barracuda, for example, believes AI makes the power of platforms like its BarracudaONE even more compelling for the SMBs in its target market.

“They’re resource constrained. They can’t deal with tool sprawl,” Rohit Ghai, Barracuda’s CEO, says. Or with a newer, still emerging version of that phenomenon, he adds.

“In the AI era, it’s not tool sprawl. It’s now agent sprawl, because everybody and their brother and their sister and their dog is delivering an agent,” Ghai says. Bad things happen, he adds, when those agents don’t work together well.

“Agents have, well, agency, and if they act in conflict, it’s not a question of efficiency or efficacy. It’s a disaster,” Ghai explains. Which is why businesses of all sizes, he maintains, are better off getting all their agents from one source.

Plus, platforms can share telemetry and coordinate responses in ways point products can’t, adds Greg Clark, senior director of product management for enterprise cybersecurity at OpenText Cybersecurity, whose platform includes systems for managing sensitive data, setting access permissions, and threat monitoring.

“When a human or a non-human or an agent is doing something around data that maybe they shouldn’t or that seems anomalous to the identity system or the threat detection system, that heightened signal will allow us to act quicker with more specificity,” he says.

2. Fears of a security SaaSpocalypse may be a tad overblown

Anthropic’s recent release of an AI code-checking product sent security share prices plummeting, as did word of a forthcoming “step change” improvement in the company’s Claude model. Schiappa isn’t losing sleep over the matter. LLMs are powerful tools, he says, but lack the deep end user knowledge needed to excel at security.

“I honestly don’t think that in a lot of the security I’m involved in they’re going to have that big of an impact, because they just can’t get to that individual customer context,” Schiappa says. “That’s not what they do. They’ll produce great models and we use them as the basis of our small language models and we’re huge fans of them, but they’re never going to get us where we need to go without our own models on top of it.”

3. Security vendors are using AI to fight AI-related partner program sat risks

I wrote early this month about research from GTIA hinting at erosion in member satisfaction with vendor partner programs for reasons probably related to misalignment between what partners need in the AI era and what partner programs offer. What I didn’t mention is that while AI may be partly responsible for a modest decline in partner program sat, according to GTIA, it’s also made working with vendors easier in ways partners appreciate.

More specifically, 37% of partners surveyed by GTIA said that access to vendor AI has made enablement and support easier, 35% said the same of collaboration on product and service roadmaps, and 34% said the same of pricing, discount, and margin management. Which bodes well for the vendors I spoke with at RSAC, many of whom are using AI to boost partner engagement and loyalty.

SentinelOne, for example, is actively exploring a wide range of AI-based portal enhancements. “How do you give partners real-time access to data about how they’re performing for the customer, customer renewals, customer insights, the pipeline, the deal registrations,” says Brian Lanigan, the company’s senior vice president and global head of partner ecosystem. “How do we give them more visibility to what we’re doing? How do [we help them] understand the health of their business with us and what we expect from them?”

The company’s looking for ways to use AI behind the scenes to accelerate responsiveness as well, he adds. “What can we do on our end, whether it’s with Google Workspace and what we can instrument through the AI capabilities across Gemini and working with NotebookLM and Google Apps Script and those things, that can really streamline how we service our partners?”

Sophos, for its part, is rolling out functionality that lets partners build self-service quotes in natural language via Microsoft Copilot.

“That can happen within seconds, versus oftentimes it takes minutes to hours or a phone call” to get a quote, says Chris Bell (pictured), the vendor’s SVP of global channel, alliances, and corporate development.

The revamped partner program Barracuda rolled out during RSAC similarly features an AI-powered portal offering guided onboarding, automated deal registration, simplified MDF tracking, and more, with AI‑based marketing automation capabilities coming later.

All of that is necessary but not sufficient for Barracuda and software makers like it though, according to Michelle Hodges, the vendor’s senior vice president of global channels and alliances. Yes, she says, AI tools make doing business with Barracuda simpler, but the vendor’s “secret sauce” is and must remain people.

“It’s still two entities that need to create connection, understand what the joint opportunity is, what the sweet spot is to be able to grow,” Hodges says. “We can’t forget about the role of people in partnership programs.”

Bell agrees. The biggest benefit of chatting with AI, he says, is that it frees up time for chatting with humans.

“My whole goal, and this is what I always tell my team, is how can we give sales capacity back so our partners can have more touch with their customers and we can have more touch with our partners,” Bell says. “That human engagement can’t be replaced.”

Live from RSAC

Want to see my podcast co-host and me enjoy a rare moment of serenity at RSAC while discussing AI governance in California sunshine outside the Moscone Center? Tune into the latest episode of MSP Chat, which should go live on Monday. Until then, there are more great (IMO) episodes located here.