RSAC 2023: Partner Program Sneak Peeks, More AI Security Chatter
Cybersecurity experts are hopeful, but cautious about accelerating AI and security.
![RSAC 2023 Day 2 Cover RSAC 2023 Day 2 Cover](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt1812cfc652001b5c/6523fddaf2d8792c3c1c0180/RSAC-2023-Day-2-Cover.jpg?width=700&auto=webp&quality=80&disable=upscale)
Tim Puccio, Delinea‘s senior vice president of global channel and alliances, tells us his company is launching a new partner program to accommodate more partner types.
“It’s been a very successful five-star program for years,’ he said. “But you bring two companies (Thycotic and Centrify) together covering all geos, you have three or four different iterations because of the time span. So what we’re doing now is collapsing it into one global unified program, allowing all types of partners to access it, not just VARs and resellers, but MSPs, MSSPs, marketplaces and ecosystem players. So just evolving it to a new level.”
Puccio said the new Delinea program will be the “Grand Central Station” of partner programs.
“It’s all the partner programs in one,” he said. “So you sign up to be part of our ecosystem, and then inside of that, if you want to be a delivery partner, a selling partner, an ecosystem partner, a tech partner or an alliance partner, you can opt in to that track. So you think about the train station, you get this beautiful train station of one program and then tracks that people can sign into because the buying models have changed. Think about it — VARs want to be MSPs, MSPs want to resell, ecosystem people want to influence, and the GSIs want to participate in a certain level. So that’s really making it easier for people to pick the route they want to go on.”
At RSAC, CrowdStrike unveiled its new Endpoint Detection and Response/Extended Detection and Response (EDR/XDR) offering to provide visibility and threat detection for ChromeOS devices without the need for a mobile device management (MDM) solution, as part of an expanded partnership with Google.
With CrowdStrike Falcon Insight XDR, organizations will benefit from detection and response capabilities to stop adversaries across ChromeOS, Linux, macOS and Windows devices from a unified console.
Daniel Bernard, CrowdStrike’s chief business officer, said ChromeOS is an increasingly important operating system and one that most security vendors have really struggled to figure out how to work on and work with.
“And our partnership with Google has enabled us to get API access to deliver native capabilities on the ChromeOS,” he said. “You see a lot of ChromeOS in education, so in many ways it’s part of the most vulnerable parts of society in terms of people’s digital lives and digital futures. What this means for partners, before the answer was, ‘Oh, CrowdStrike is great and works everywhere, but not necessarily on ChromeOS Chromebooks. So partners can sell us into a new part of the market and we can extend the power of the Falcon platform there. But if you look at other partnerships like what we have with Dell, Dell is the No. 1 producer of Chromebooks, so this is a really nice fit for their go-to-market (GTM) with our technology because now they can secure all the Chromebooks that they make.”
If you were a partner serving K-12 or focusing on public sector, it’s harder to sell an endpoint technology because previously the answer on ChromeOS was no, Bernard said.
“Now that we’re not saying that anymore, we’re saying we’re here to protect you and give you the same visibility across your organization that you had with all the other operating systems,” he said.
There will be more coming from CrowdStrike’s partnership with Google, Bernard said.
“But this is a big step because securing that operating system and having it be part of everything that Falcon does is something that not only our customers wanted and want, but and our partners, too, and that also really differentiates CrowdStrike in the market,” he said.
Ahead of RSAC, Bugcrowd announced its new penetration test-as-a-service offering, providing customers with additional ways to consume and buy pen testing.
“For a long time, there’s been a large segment of the market that’s been somewhat removed from the ability to actually leverage pen testing the way that they should,” said Bugcrowd’s Dave Gerry. “And our belief is that we want to democratize access to security testing. That’s really the mission that Casey Ellis founded the company on, providing access to this crowd of ethical hackers out there and starting to enable customers to be able to tap into that latent creativity that exists. So we’re super excited to be able to bring that to market.”
Also, Bugcrowd will roll out a new partner program.
“This is going to be a core component of how we make sure that our partners understand the value that we can help them provide to their clients and make sure that they remain at the core of what their customers are doing from a security program standpoint,” Gerry said. “The key focus there is going to be making sure that our partners are at the core of how we build this program. A lot of folks within Bugcrowd that we’ve brought on recently have really strong channel sales backgrounds and understand what it’s like to be a partner. And we want to make sure that as we roll this program out, we’ve had partners involved every step of the way so that they have a voice in what that program looks like, and most importantly, it’s something that’s meeting their needs. There’s a strong component of the reseller community, as well as on the alliance and the tech alliance side.”
The new program will enable partners to tap into a much larger pool of resources to more quickly and cost-effectively provide pen testing services to their clients, he said.
Sumo Logic announced several native innovations across its platform to give security analysts better visibility to solve new use cases and enable coordinated defense.
The new innovations include:
Native user and entity behavior analytics (UEBA) threat detection for greater transparency and increased flexibility.
Triage and enrichment playbooks from cloud security orchestration, automation and response (SOAR).
Machine learning-powered detection and investigation.
Timm Hoyt, Sumo Logic‘s senior vice president of worldwide partners and alliances, said everybody’s always looking to do more with less.
“But in times like these, we know that customers are already starting to ratchet down budgets and are seeking opportunities to do more with less,” he said. “And so a platform like Sumo Logic … that’s a great way for partners to be involved and have that conversation proactively, if not being demanded by customers of my business, “help me understand where can I consolidate without losing capabilities.” In fact, in our world, we think we’re a great place not just to consolidate, but to consolidate and innovate with more capabilities that come from customers who are utilizing the platform. And that’s a great win for our partners because they now have the ability to, in some cases, go consolidate and acquire more of the customer’s solution and their internal budget, by having this platform.”
Geoff Bibby, OpenText‘s senior vice president, was on hand at RSA to talk about the latest with its top brands, including Webroot and Carbonite. OpenText is embedding new capabilities in its Security Cloud platform to benefit MSPs.
With the acquisitions of Webroot, Carbonite and more in recent years, OpenText has become a giant in cybersecurity.
“We recently took the Webroot brand, and the Webroot security awareness training and DNS offering, and we embedded that in Security Cloud,” Bibby said. “So now it’s just a dropdown for our partners to be able to consume so they can get security awareness training, DNS and endpoint all from one single pane of glass. Then later in the year we’re going to do the same thing for Carbonite, where it’ll be embedded into the Security Cloud platform. Our MSPs are near and dear to us, they’re part of the family, they’re a huge part of our success and really they’re the No. 1 way we can really scale the business.”
In March, XM Cyber acquired Confluera, which provides next-generation cyberattack detection and response for the cloud.
Uri Levy, XM Cyber’s senior vice president of worldwide sales and field operations, talked to us about the strategy behind the acquisition.
In parallel with its channel strategy, XM Cyber also is executing a platform-based play, Levy said.
“Our product has multiple different models, so it’s a land-and-expand strategy where partners could start with a certain use case, let’s say attack path management, and move to managing security controls and monitoring them for their customers,” he said. “And the latest acquisition that we just announced with Confluera is adding or boosting our cloud offering and adding detection and response in the cloud on top of the preventive visibility and analytics that we have today to understand all the attack paths and the ways that attackers could actually compromise critical assets in the cloud.”
XM Cyber is building a platform that will be one of the most comprehensive continuous exposure management platforms, Levy said.
“There is a consolidation wave in the market,” he said. “Usually when there is downturn in the markets, people want to get more from what they bought and they cannot. They want to kind of squeeze and consolidate the many vendors and many security applications they are using. So I think we are perfectly aligned with that trend.”
Karen Worstell, VMware‘s senior cybersecurity strategist, was on hand to talk about three trends that play right into the hands of cybercriminals.
“Our No. 1 thing that gets in our way is technical debt,” she said. “Modernization, digital transformation of the environment, has got to be a priority. We can’t keep operating the way we have been because it gets in the way of everything.”
No 2 is continuing silos within organizations, Worstell said.
“So you’ve got a network operations team who thinks the world revolves around the network,” she said. “And you’ve got a security team who’s trying and who’s got a specific kind of a role. It’s not a broad, encompassing role necessarily. Security is seen in a certain slot and and then you’ve got the rest of it and they’ve all got a variety of tools. I think the average is like 50. So the one of the things that concerns me is I know what it takes to put in the overhead, to knit all those things together; the insecurity is in the seams. So it’s having an integrated environment where those seams are eliminated as much as possible, and the data is brought together and correlated so that both vulnerabilities and active threats in the environment can be detected much more quickly.”
And No. 3 is the big question around the future of the CISO, Worstell said.
“Now we have new U.S. Securities and Exchange Commission (SEC) rules and we have some new standards in the legal realm that are starting, and we have the insurance issue,” she said. “So all of those things I think are starting to move us toward elevating the conversation about security so that it’s really a board-level conversation and board-level accountability where the board has that risk management oversight, accountability, and the executive team is accountable for the implementation of it. So I think we’re going to see some morphing in the way we talk about risk and risk management.”
In February, less than a week after its launch by Open Systems, Ontinue unveiled its first partner program. It followed the launch of Ontinue’s ION managed extended detection and response (MXDR) service. The service supports Microsoft security solutions.
At RSA, Ontinue CEO Geoff Haydon gave an update on the company’s channel strategy.
“So we think about the role of partners in two forms,” he said. “First of all, our objective is to combine members of the Microsoft channel community, their capabilities and service offerings with ours to enrich our value proposition to a customer. So a partner may have service offerings that a customer might be interested in before adopting an MDR service, a security assessment or a posture review. There may be services around the MDR service as it’s being deployed. There may be services after the MDR service has been deployed, like incident response. So we think of these various complementary service offerings in combination with our MDR offering as really enriching our value proposition to a customer.”
The role of the partner community is to make Ontinue‘s MDR offering stronger by combining it with complementary services, Haydon said.
“That’s one objective,” he said. “The second one is transparently just expanding our market presence and market reach, leveraging the presence and prominence of those partners to really expand and elevate our position in the marketplace. And so we’ve been very thoughtful and specific about the kinds of companies that can bring that value to us. As I said, we’re looking entirely within the Microsoft community. There are two partner profiles that have tended to emerge. One is partners that are focused on cloud adoption and productivity. The other type of partner that we do a lot of work with is the security consulting partner. [These are] partners that have a lot of expertise in Microsoft and Azure security, but don’t offer a managed cybersecurity service. And so very often they’ll do an assessment, they’ll get us involved, and we’ll service that customer on an ongoing basis in conjunction with that partner.”
Ontinue has been informally working with partners for about a year, and “we’ve seen a very high level of interest within the partner community because of the synergy that exists between what we do and what they do,” Haydon said.
“And also Microsoft has been extremely supportive at connecting us with their partner community, facilitating those conversations, because obviously it makes the adoption of their solutions more compelling for our joint customers,” he said. “And our partner program really bought some more structure and definition, and scale to what we’re doing with the partner community.”
In February, less than a week after its launch by Open Systems, Ontinue unveiled its first partner program. It followed the launch of Ontinue ’s ION managed extended detection and response (MXDR) service. The service supports Microsoft security solutions.
At RSA, Ontinue CEO Geoff Haydon gave an update on the company’s channel strategy.
“So we think about the role of partners in two forms,” he said. “First of all, our objective is to combine members of the Microsoft channel community, their capabilities and service offerings with ours to enrich our value proposition to a customer. So a partner may have service offerings that a customer might be interested in before adopting an MDR service, a security assessment or a posture review. There may be services around the MDR service as it’s being deployed. There may be services after the MDR service has been deployed, like incident response. So we think of these various complementary service offerings in combination with our MDR offering as really enriching our value proposition to a customer.”
The role of the partner community is to make Ontinue‘s MDR offering stronger by combining it with complementary services, Haydon said.
“That’s one objective,” he said. “The second one is transparently just expanding our market presence and market reach, leveraging the presence and prominence of those partners to really expand and elevate our position in the marketplace. And so we’ve been very thoughtful and specific about the kinds of companies that can bring that value to us. As I said, we’re looking entirely within the Microsoft community. There are two partner profiles that have tended to emerge. One is partners that are focused on cloud adoption and productivity. The other type of partner that we do a lot of work with is the security consulting partner. [These are] partners that have a lot of expertise in Microsoft and Azure security, but don’t offer a managed cybersecurity service. And so very often they’ll do an assessment, they’ll get us involved, and we’ll service that customer on an ongoing basis in conjunction with that partner.”
Ontinue has been informally working with partners for about a year, and “we’ve seen a very high level of interest within the partner community because of the synergy that exists between what we do and what they do,” Haydon said.
“And also Microsoft has been extremely supportive at connecting us with their partner community, facilitating those conversations, because obviously it makes the adoption of their solutions more compelling for our joint customers,” he said. “And our partner program really bought some more structure and definition, and scale to what we’re doing with the partner community.”
RSA CONFERENCE — More new tools from CrowdStrike and Sumo Logic, and partner program sneak peeks from Bugcrowd and Delinea highlighted day two of RSAC 2023. And Channel Futures is there.
The conference wraps on Thursday.
A major theme of RSAC 2023 is artificial intelligence (AI) and cybersecurity, specifically how to use good AI to fight cybercriminals who use bad AI.
AI Chatter at RSAC 2023
We asked some cybersecurity vendors about what AI and cybersecurity means to them.
Dave Gerry, Bugcrowd‘s CEO, said there’s a need and a desire to make security professionals more efficient.
Bugcrowd’s David Gerry
“This isn’t about replacing what the human beings are doing,” he said. “We know we’re always going to need security analysts. We’re always going to need really strong security professionals. But what this is going to help them do is scale. This is going to make them more efficient. This is going to take away some of the more basic tasks to allow them to go focus on the really high-value pieces of security work that we need them doing. And that’s what we’re really excited to see.”
Geoff Bibby, OpenText‘s senior vice president, said, ‘Before we head down that path, I think it’s really important for people to actually just spend time as a company figuring out what your policy framework is and knowing what is your organization stance on it.”
OpenText’s Geoff Bibby
“A lot of organizations are not there yet,” he said. “So I think we’re a long way off from it really being something that is truly going to impact, you know, smaller channel providers. We’re all over the conversation and we’ll be an active part of it. But at the moment, I think that the rhetoric around it is way ahead of the reality. I think it’s a very good thing. Without proper policy in place, it’s a you’d be careful what you wish for kind of thing. So I think it’s a really good thing to start there first.”
Scroll through our slideshow above for more from RSAC 2023.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author(s)
You May Also Like