Hot Market, Cool Products
For MSPs, there’s a lengthy and ever-growing list of cybersecurity tools and service offerings to consider. Many managed detection and response (MDR) platforms, for instance, are targeted at MSPs for enabling faster cyberthreat detection and remediation. This week during the XChange Security 2023 conference, MDR vendors were well-represented on the show floor—but so were vendors from other pivotal security segments including identity authentication, software security and cyber insurance.
[Related: Kaseya Ransomware Victim Speaks Out: From ‘The Abyss’ To Recovery With Aid From MSP Community]
In all, several dozen vendors showed off their latest security products and services for MSPs this week at XChange Security 2023, which was held in Dallas and hosted by CRN parent The Channel Company. Among those, we’ve pulled together the key details on 10 of the products, which are offered by vendors ranging from startups to established industry players.
What follows are 10 cybersecurity tools and service offerings for MSPs to check out in 2023.
ThreatLocker Health Report
Beyond its flagship “application allowlisting” product used by thousands of MSPs, ThreatLocker now offers a range of offerings for helping to protect endpoints through enforcing secure use of software apps. A new offering called Health Report, which is currently in closed beta, aims to go another step further by proactively warning about potentially questionable applications in use by an end customer, said ThreatLocker co-founder and CEO Danny Jenkins. The reports, assembled by a special team within ThreatLocker on a client-by-client basis, show the “consequences of bad hygiene” by revealing attributes such as where software was developed, Jenkins said. For instance, a finding that a certain app in use was developed in Russia or China might be an indicator to look more closely at whether the software should be allowed to run, he told CRN. The Health Report also suggests potential actions to take other than just blocking the apps, such as preventing the software from accessing company data, Jenkins said. Ultimately, the intent is for MSPs to bring the reports to their customers as a way to show potential security weaknesses in their environments, he said.
Blackpoint Cyber MDR
Blackpoint Cyber’s MDR technology aims to spot threats and address them in real time, ultimately preventing breaches by dealing with malicious activity at the earliest possible point. By continuously monitoring users and activity, detecting emerging threats and taking rapid action, Blackpoint said its MDR offering can enable organizations to stay ahead of the attackers—or to the “left of boom,” as MacKenzie Brown, the recently appointed vice president of security at Blackpoint Cyber, has put it. That means focusing on detecting threats just after initial access is achieved and thwarting them before more serious damage or lateral movement can occur, Brown told CRN. “Bad guys get in the door, let’s stop them, block them, immediately remediate and move on,” she said.
Token Ring
Token aims to provide “next-generation” multi-factor authentication with its smart ring technology. The Token Ring, according to the company, eliminates the vulnerabilities associated with traditional authentication through the use of an integrated fingerprint sensor, ensuring that only authorized users can access it. Key capabilities include leveraging NFC technology for proximity security —which involves validating the proximity of the smart ring—and a gesture feature that enables users to authenticate only when they mean to.
Deepwatch MDR
Deepwatch, the provider of an MDR platform that generates 100 percent of its sales with the help of partners, aims to enable dramatically improved visibility for customers in addition to providing automated detection and response to block threats. Notable components of the offering include the Deepwatch Secure Score, which the company calls its “patented maturity model” to help give customers a road map for improving their security posture. Deepwatch recently said it has revamped its channel program with updates including deal renewal protections for incumbent partners, while also maintaining the “guaranteed” margin that has been a hallmark of the program to date.
DataStream Cyber Insurance
In addition to serving as a cyber insurance broker focused on MSPs—and specifically, on helping MSPs reduce their liability by covering their customers—DataStream provides security assessments and training, as well as data analysis around the financial implications of cybersecurity risk. This week, DataStream said it has added four additional security vendors as partners—Trend Micro, Liongard, Acronis and Nodeware. Through the partnerships, the aim is for “technology and insurance [to work] together to make companies safer against cyber risk,” DataStream said in a news release. As one example of what the partnerships will involve, Liongard said it will “simplify and accelerate the cyber insurance application process through automation” by working with DataStream. Nodeware, meanwhile, said it will provide DataStream customers with continuous vulnerability management capabilities.
Barracuda XDR
Initially based on Barracuda’s acquisition of Skout Cybersecurity in 2021, Barracuda XDR (extended detection and response) has since been expanded to add a number of capabilities critical to MSPs. Those include an integration between the XDR platform and Barracuda’s CloudGen Firewall, which gives MSPs improved visibility into customer environments along with the ability to leverage a 24×7 Security Operations Center for a boost to their own efficiency. Other updates have included the company’s mapping of threat detection rules to the widely used MITRE ATT&CK framework, as well as the addition of SOAR (security orchestration, automation and response) capabilities to its SOC offering.
SaaS Alerts Unify
SaaS Alerts used XChange Security 2023 to tout its recent debut of Unify, which provides visibility between SaaS applications and end-user devices by leveraging remote monitoring and management (RMM) agents. Unify correlates device data from RMM agents with security events in SaaS accounts, ultimately enabling better protection of key data in SaaS apps, according to the company. Unify is available for free to “active partners” who provision ConnectWise Automate, Ninja RMM or Kaseya VSA within the SaaS Alerts platform, according to the company.
Kroll Responder
Kroll is looking to expand its North America partner base for offerings including its MDR service, Kroll Responder, which leverages the company’s 2021 acquisition of U.K.-based Redscan. The vendor is differentiated on MDR in part through utilizing Kroll’s threat intelligence, gleaned from the company’s 3,500 yearly incident response cases, according to Keith Carter, Kroll’s global head of cyber channel and alliances. Kroll Responder also aims to stand out with what the company calls a “complete response” to detected cyber incidents, which goes beyond containment to provide full remediation including removal of persistence, cleanup of malware and assistance throughout the process of recovery.
OpenText DNS Protection
OpenText Cybersecurity recently made its DNS (domain name system) protection available separately from its Webroot endpoint security platform. The move has enabled the DNS protection offering to become relevant to a broader set of customers, allowing customers to standardize their DNS protection without needing to deploy two separate antivirus products. Given that it’s common for customers to have existing licenses with other endpoint security vendors—but still have a need for DNS protection—partners have seen it as a welcome move that OpenText Cybersecurity is offering stand-alone DNS protection.