Early last month, a blog post by Sequoia Capital partner Julien Bek made the online rounds among people (like yours truly) interested in AI, software, services, and private capital. It began with a provocative assertion: “The next $1T company will be a software company masquerading as a services firm.”

That got my attention in no small part because some of my most widely read posts last year were about what are, IMO, software companies masquerading as managed services firms, specifically Titan and Shield Technology Partners. Both are budding MSP rollups backed by $74 million from venture capital giant General Catalyst in Titan’s case and by $200 million from venture giant Thrive and ZBS Partners (plus direct technical assistance from none other than OpenAI) in Shield’s case.

Both those companies use custom-developed AI tools to do work for their customers. The $1 trillion behemoth Bek anticipates will do the same, and eliminate fears of becoming Claude’s next SaaSpocalypse victim in the process.

“If you sell the tool, you’re in a race against the model. But if you sell the work, every improvement in the model makes your service faster, cheaper, and harder to compete with,” Bek writes.

There’s a whole lot more money to be made selling work versus tools too. “A company might spend $10K a year for QuickBooks and $120K on an accountant to close the books,” Bek says. “The next legendary company will just close the books.”

Those words resonated with Peter Doyle, co-founder and CEO of a new player on the managed services landscape named Treeline. During his nine-plus years at venture capital firm Accel, Doyle (pictured) says, he discovered a “dirty secret” about enterprise SaaS companies: they all have implementation, support, and customization arms.

“They’re just kind of, in another form, a software and service hybrid company,” he says. “We’re no different.”

Except that Treeline is different, from Titan, Shield, most MSPs, any SaaS vendor I know of, and pretty much everyone else in IT. In fact, Treeline is so different from anything else I’ve written about before that the best way I can think of to get at what they are is to list all the things they’re not.

1. They’re not actually new. Though the company went public with its story last week, it’s been inconspicuously doing business for two years and currently has around 200 clients, mostly with 30 to a few hundred users each.

“We’ve been operating nicely and scaling nicely for some time,” Doyle says. “We just felt like operating quietly and figuring out the right messaging to the market and the right long-term roadmap was a nice precursor before beating the drum.”

2. They’re not new to managed services either. Doyle, to be sure, is relatively new to the field, which he first encountered during his time in VC.

“I just kept finding the general problem space really interesting within the MSP category,” he says. “Not just is there another tool they can buy with a credit card swipe that can improve what service providers do and how they operate on a daily basis, but is there actually fundamentally a new model that we can create that is, in our definition, the modern or next generation iteration of this market?”

To bring that vision to life, Doyle acquired three MSPs with direct industry experience and, more recently, brought Jeff Gaines on board as chief growth officer. Gaines is a former MSP who until this January was SVP of growth at mega mega MSP Evergreen. He kind of knows his way around the market.

3. They’re not masquerading as a services company. They are a services company, albeit one leaning into software as far “as is appropriate,” Doyle says. “We don’t want to go far enough to where we’re disintermediating the customer and user fully from white glove support, and technicians in the loop, and that human component.”

4. They’re not backed by private equity. Like Titan and Shield, they’re funded by venture capital, $25 million of it to be precise, provided chiefly by the grandaddy of all VC firms, Andreessen Horowitz.

That’s interesting for at least three reasons. For one, it’s the first time Andreessen Horowitz has invested this directly in managed services. For another, Treeline is more a services provider than a software company and Andreessen Horowitz’s motto remains “software is eating the world.” And for a third, it suggests that a16z has finally caught onto to the tip I offered it over two years ago.

5. They’re not using off-the-shelf AI. Like Titan and Shield, Treeline uses cutting-edge software written in-house from scratch by a team of Silicon Valley engineers (seven of them as of a few weeks ago). At present, the company says, its home-grown AI platform is augmenting or fully resolving 98% of customer-submitted help desk requests, onboarding employees in two minutes versus the previous 20, and slashing error rates for tickets it closes autonomously by 95%.

6. They’re not competing on price. Treeline leverages the operational efficiencies made possible by its AI stack to offer customers “very competitive pricing” that will get even more competitive over time, according to Doyle, “because when we scale with them, it’s not us having to add so much headcount to do it.” That’s not the message it leads with in sales meetings, though.

“You’re just going to qualitatively experience better service. You don’t need to wait as long in queues,” Doyle says. That value proposition, he adds, justifies rates that while cheaper than those of many peers won’t be cheap per se. The platform Treeline continues to build is powerful, Doyle observes, “but it doesn’t come without significant engineering investment.”

7. They’re not employing AI solely to automate the service desk. Unlike Titan and Shield, for the moment at least, Treeline offers its clients AI-powered MDR and compliance services too. The compliance piece, it’s worth noting, doesn’t run entirely on AI software the company wrote itself.

“It’s messy,” says Doyle of compliance, “so we will partner with folks like Vanta and Drata for some areas that we just don’t want to build.”

8. They’re not only using AI internally. Sure, Treeline employs AI to automate its service desk, but according to Doyle that’s table stakes.

“Had we made that pitch to Andreessen and a lot of our investors, they probably wouldn’t have invested,” he says.

The reason they did invest is because Treeline plans to supplement help desk revenue with strategic, sticky, margin-rich AI roadmapping, implementation, training, and development services.

“We don’t just want to stop at technician improvements,” Doyle says. “We want to use that as a way to further build a relationship with a customer and offer them much more value over time in all these other areas.”

9. They’re not an MSP rollup. Titan and Shield are both actively recruiting as many high-quality MSPs as they can find. Treeline, as I mentioned, has bought three MSPs to date and will buy more in the future, but solely to supplement its staff.

“We will continue to opportunistically merge with and bring on additional service providers over time,” Doyle says. “Not a huge number, but where it complements our skillset and complements the types of businesses and markets we’re going after, that’s great.”

Which means that “if you can’t beat ‘em, join ‘em” isn’t as much an option here as it is with Titan and Shield. Treeline is much more interested in competing with the vast majority of MSPs reading this article than it is in purchasing them.

Can AI governance tools close the AI governance gap?

Broadly speaking, when an MSP has a business problem, tooling is more likely to be the excuse than the culprit. It’s not my poorly designed workflows, my spotty documentation, my loosely trained techs, or what have you. It’s my damn tool stack.

As I said, though, that’s usually the case, not always. Sometimes tools really are part of the problem. Maybe AI governance is one of those cases.

You’ll recall that I wrote in dismay recently about the yawning gap between how badly businesses need AI governance services and want to get them from MSPs on the one hand and the relative scarcity of MSPs eager to provide those services on the other, and then podcasted in dismay about the same topic a few days later live from the RSA Conference in San Francisco. The biggest explanations I pointed to for that state of affairs were that a) many MSPs don’t yet grasp AI’s governance dangers, and b) those same MSPs are too busy trying to think through AI basics to get into AI governance.

But tooling, in fairness, is a barrier too.

There are plenty of data loss prevention tools on the market, notes Leeron Walter, vice president of marketing at DLP and insider risk management vendor Teramind, but almost all of them were written well before users within and across companies began exchanging data with chatbots and agents.

“There are gaps in visibility, and it might be much easier for an employee with non-malicious intent to accidentally leak information and data,” Walter notes.

Legacy governance solutions, meanwhile, typically detect policy violations after someone has broken the rules. By that time, notes Harry Labana, SVP and general manager of Proofpoint’s Digital Communications Governance business unit, data leaked by chatbot users and agents has probably become LLM training fodder.

“AI is turning software into an active participant in business communication,” Labana (pictured) says. “What that implies is that governance can’t happen only after the fact. It needs to happen upfront as well.”

Proofpoint’s recently released Nuclei Discovery & Archive Suite is designed to do precisely that, Labana says. Based on technology the vendor acquired last May, the system uses AI agents to spot potential instances of misconduct, insider risk, and AI misuse in real time and notify downstream security solutions capable of blocking it. The goal, according to Labana, is to let businesses capitalize on all of AI’s productivity-boosting power, but responsibly and without asking end users to flawlessly apply policies they don’t fully understand.

“We’re not here trying to stop AI,” he says, “but it’s got to be done in a way that protects you.”

That’s Teramind’s goal as well, Walter says. “Companies owe it to their customers to protect their credit cards,” she says, and multiple regulations require them to meet that obligation. Teramind AI Governance, released on the same day as Proofpoint’s Nuclei solution as it happens, is designed to help them do so by applying the company’s insider risk management expertise to a new use case.

Teramind, however, is an enterprise-oriented company. MSPs need easy, automated, multi-tenant solutions optimized for use by IT providers with limited time, money, and security expertise. That’s where tooling starts becoming a legitimate excuse for MSPs ignoring AI governance, because there aren’t many systems like that. CultureAI has one, as does Kipling Secure (disclosure: Kipling is a client of the consultancy I serve as chief analyst). Cyflow offers a third.

“We’re monitoring everything that’s going on in the company,” says Amit Israel, Cyflow’s co-founder and CRO. “The main thing is that we can block it, meaning we’re not only monitoring,” he adds. “We can block that while in action and we can report that while in action.” Otherwise, Israel continues, an MSP with a few dozen clients could spend their entire day responding to AI security alerts. “It will be a nightmare.”

Though not, arguably, as big a nightmare as the one MSPs will suffer if they continue ignoring AI governance. End users know they’re seeing the tip of a much larger iceberg when it comes to LLM data leakage, Walter says. “They have no idea how quickly things can escalate, and everyone is kind of scrambling to figure out what companies can do to ensure they have those guardrails.”

MSPs really need to have an answer for them.

Follow Me on LinkedIn

Over on The Business of Tech

Host Dave Sobel concurs about AI governance:

There’s a lot of interesting context for that statement, all waiting for you here.

What does a security system of record look like? Maybe like Torq.

Regular readers know that I’ve been thinking about systems of action, systems of record, and their implications for the MSP market this year.

For the benefit of less regular readers: systems of record are big, centralized business applications that employ deep compilations of authoritative data to help users accelerate critical workflows. Systems of action, on the other hand, actually execute those workflows for you. Thread, Pia, and recent ConnectWise acquisition zofiQ all make systems of action for MSPs. Cyft and Lexful make systems of record for MSPs with system of action functionality.

All of those companies, however, play at or near the service desk. What do their equivalents in security look like?

That’s an easy enough question to answer so far as systems of action go. They look like the agentic, autonomous AI SOC and MDR solutions from companies like N-able and Arctic Wolf that I wrote about last week. I would have had more trouble describing a system of record for security, though, until a recent conversation with Torq.

Strictly speaking, Torq too is an AI SOC vendor. Founded six years ago and valued at $1.2 billion as of January, the company’s core platform uses agentic triage, automation, case management, and remediation functionality to close 90% of Tier 1 tickets autonomously. It also, however, has over 300 integrations that allow it to automate actions in and ingest incident feeds from security solutions made by companies like SentinelOne, Palo Alto Networks, and CrowdStrike.

Which is interesting, because it’s all about platforms these days, especially in cyber, and SentinelOne, Palo Alto Networks, and CrowdStrike are all platform makers.

“The differentiation for Torq in our space is that we are truly a one-stop shop single pane of glass,” says Sheldon Muir (pictured), the vendor’s head of global channels and alliances. “As awesome as CrowdStrike is, or a lot of this technology is, it’s only as good as its purview. It’s only as good as the CrowdStrike ecosystem. What do you do outside of the CrowdStrike ecosystem? Torq facilitates that.”

Making it a kind of … what? Uber platform? Hyper platform? Platform of platforms?

How about security system of record? What’s intriguing about Cyft and Lexful is that they’re each using current and forthcoming integrations to build a powerful, exceptionally strategic superset of data housed in PSA systems, email, Teams, Slack, HubSpot, and the rest of an MSP’s tool stack. Torq’s doing the same thing in its realm, and positioning itself to be a kind of master system of action too. Say CrowdStrike finds a compromised email attachment, for example.

“No doubt CrowdStrike could tombstone that file, clean that file, but now maybe we could reach out to Proofpoint too and quarantine that host,” Muir says. “We could reach out to the Office 365 environment, the Google Drive environment, tombstone, trigger remediation, and so on.”

Though roughly a third of Torq’s customers are MSSPs and MDR operators, the company mostly serves large businesses. Maybe readers will point me to someone, but I don’t think there’s anyone focused on MSPs offering quite the same security system of record/system of action capabilities.

I’m just sure there will be.

Share

Based on this podcast interview, we really need that system

The sooner a security system of record/action for MSPs arrives, the better, based on a conversation with Michael Crean of SonicWall on the latest episode of the MSP Chat podcast. New research we get into documents just how often MSPs and their clients fail to enforce the most basic of cybersecurity basics. The brutal truth is all right here.

Also worth noting

• Get yours in now, folks: GTIA is accepting nominations for this year’s Cecilia Galvin Scholarship, which will award $5,000 to a female senior high school student with a 2.0 or higher GPA who’s a leader in their school and community and has demonstrated an early interest in technology.

• Kaseya has added multiple AI-powered tools to its BCDR portfolio.

• N-able has enrolled Zensec and Atomatik in its Technology Alliance Program.

• Coro has launched an MCP integration. I’m guessing theirs is secure.

• Bitdefender now offers a free internal attack surface assessment offering through its GravityZone PHASR solution to help organizations identify exposure to insider threats.

• Exabeam has extended insider threat behavior detection to tools like ChatGPT and Microsoft Copilot.

• The new white-label capabilities in IDrive’s e2 object storage platform are designed to let MSPs and resellers deliver custom-branded cloud storage services.

• DaaS IQ, from ControlUp, is designed to optimize costs and simplify operations in desktop-as-a-service environments.

• Close this gap, MSPs: According to Object First, 89% of IT leaders fear AI-powered cyberattacks will impact their data yet only 58% use immutable backup storage.

• Cato Networks says the modular adoption model it just added to its AI-native SASE platform enables users to adopt functionality incrementally as their needs evolve.

• Big week for IGEL, which released joint cloud desktop reference architectures with Microsoft, announced a new distribution deal with Exclusive Networks, and made a big, long list of product announcements.

• Pia has joined the Pax8 marketplace.

• The Channel Marketing Association has awarded its 2026 Founders Award for contributions to channel marketing to Diane Brode.