28 SOC as a Service (SOCaaS) Options for MSPs, MSSPs
Dozens of companies are introducing SOCaaS (Security Operations Center) as a Service-type capabilities for MSPs and MSSPs. The reason? Tens of thousands of small MSPs can’t afford to build out their own SOCs. Plus, established MSSPs are seeking more ways to automate and scale their cybersecurity business practices.
Key SOCaaS options for MSPs and MSSPs, listed alphabetically, include the following companies — many of whom are also Top 200 MSSPs for 2019. And yes, the lineup now extends beyond 25 companies as of December 2019:
1. Alien Vault from AT&T Cybersecurity: Roughly six months after AT&T acquired AlienVault, the parent company in March 2019 reorganized is cybersecurity assets into a new standalone business division. The strategy: Combine the AT&T Cybersecurity Consulting and AT&T Managed Security Services to form a new standalone division, AT&T Cybersecurity. Fast forward to present day. A lengthy list of MSSPs and MSPs leverage AlienVault Unified Security Management (USM) for continuous security monitoring, log management, and out-of-the-box compliance reporting.
2. Arctic Wolf Networks: A pure channel strategy recently emerged after the SOCaaS provider raised $45 million in Series C funding in October 2018. Key relationships and/or integrations include ConnectWise, Ingram Micro, Splunk and may others. Key Arctic Wolf Networks adopters include LDM Global and Secure Data Technologies.
3. Binary Defense: The company recently hired FBI veteran Randy Pargman as senior director of threat hunting and counterintelligence. Binary Defense also partners with Ingram Micro and Arctic Wolf Networks for an expansive SOCaaS solution.
4. BLOKWORX : In addition to educating and training partners, BLOKWORX provides white label SOC and Endpoint Defense Services to MSP partners. The company embraced a channel-only strategy in January 2018
6. ChannelSOC: The AT&T Cybersecurity partner leverages AlienVault to provide white label SOC services to MSSPs & MSPs. The services include setup, tuning, managing and monitoring the SIEM and vulnerability management — through ChannelSOC’s 24×7 SOC. The company works with existing AlienVault partners that don’t have SOC operations, and partners that don’t have a SIEM or a SOC vendor. ChannelSOC also provides Incident Response, Threat Hunting and other Forensic services.
7. Continuum: A major services platform provider for MSPs and MSSPs, Continuum has expanded from its NOC (network operations center), help desk and RMM (remote monitoring and management) heritage to offer expansive SOC and MDR (managed detection and response) services to MSPs. Key partners include Fortinet, Netsurion, SentinelOne and Webroot.
8. Collabrance: Owned by GreatAmerica, Collabrance is a Master MSSP. The company in 2018 integrated security information and event management (SIEM) and vulnerability and penetration (VUL/PEN) testing into its master MSSP offering for partners.
9. Critical Start: The MDR provider in mid-2019 raised $40 million to expand nationwide across the United States. The funding involves a minority investment from Sagemount, a growth equity firm. Critical Start’s focus areas include a heavy partner emphasis.
10. Cyberhat: The company in April 2019 raised $6 million in a funding led by venture capital firm Mangrove Capital Partners. The company is using the funding to expand globally and enhance its CYREBRO SOCaaS platform.
11. CyberSafe: The MSSP offers clients SOC-as-a-Service. The SOC is located in a Tier IV data center and consists of industry experts, 24/7/365. The company is actively inviting MSPs and MSSPs to join CyberSafe’s partner program.
12. CYBERShark: Owned by BlackStratus, CYBERShark is white label SOCaaS option for partners.
13. CyFlare: The company’s SOC-in-a-Box provides breach detection and vulnerability scanning capabilities to MSPs. That SOCaaS platform expanded to support the Syncurity IR-Flow security orchestration, automation and response (SOAR) platform in early 2019.
14. Delta Risk: The company in October 2019 released version 2.0 of its cloud-native Security Orchestration and Automation (SOAR) platform, ActiveEye. The upgrade eliminates more than 95 percent of false positives from thousands of daily security alerts generated by endpoint detection and response solutions, security information and event management (SIEM) devices and software, cloud applications, and cloud infrastructure, the company says.
15. Digital Hands: The company in July 2019 raised $15 million in private equity to accelerate its SOCaaS strategy for partners. Digital Hands provides the following managed security services through partners:
- Managed Firewall.
- Network Security.
- Managed IDS/IPS.
- Unified Threat Management.
- Managed Endpoint Protection.
16. Flexis: The company provides both SOC and NOC services to MSPs and MSSPs. Flexis doesn’t force customers to use its tools (in fact, Flexis doesn’t develop tools). Instead, the company leverages best-of-breed tools that customers want. Flexis claims to be one of the few SOC providers that has deep infrastructure experience due to 10-plus years selling NOC services to MSPs.
18. Infogressive: A well-known Master MSSP that has been ahead of the curve assisting MSPs and other channel partners with risk mitigation and proper ransomware defenses.
20. Netsurion: One of the rare software companies that controls its intellectual property across SIEM, endpoint protection and SOCaaS. Netsurion is a Master MSSP of sorts that works with a growing list of MSPs and MSSPs.
21. Perch Security: CISO Wes Spencer in this interview explains Perch Security’s MSP partner strategy for co-managed threat detection & response (MDR), plus SOC services. The company has investment backing from ConnectWise and Fishtech Group.
22. Proficio: The Top 200 MSSP offers SOCaaS and has expanded into managed detection and response (MDR). Fully-managed SOC services provide 24/7 monitoring and response services, and co-managed or hybrid SIEM provides customers’ cyber staffs with an additional layer of coverage.
23. Radar Services: The Radar SOCaaS modules include Advanced Threat Detection; Host-Based Intrusion Detection System; Network-Based Intrusion Detection; Security Information and Event Management (SIEM);Vulnerability Management and Assessment.
24. SOCsoter: Best known as an MSSP, SOCsoter also promotes SOCaaS-type services via channel partners.
25. SKOUT: The company, which provides a cloud-native platform delivered by MSPs, raised $25 million in Series B funding led by ClearSky in September 2019. SKOUT’s team also includes Datto veterans who are very familiar with MSP-centric partner and sales models.
26. StratoZen: The company offers SIEMaaS and SOCaaS through partnerships with such companies as Fortinet.
27. Veronym: Better known for its Microsoft Windows, macOS, iOS and Android security tools, there are signs that the company is pushing toward SOCaaS.
28. Vertek: Launched in 1988, the company has evolved to offer managed SIEM and SOCaaS, and positions itself as a master MSSP to partners.
More SOCaaS Options for Partners
Whom did we miss? Email Content Czar Joe Panettieri (Joe@AfterNines.com).