MSSP, MSP, Security Management, Security Operations

Cybersecurity Consolidation Ahead: Tool Sprawl Rolls Up to Platforms


For years, MSSPs and MSPs have been assembling cybersecurity defenses for business clients by piecing together a wide range of individual security applications from multiple vendors to fortify strong, armored walls against cyberattacks.

But that may be changing as more cybersecurity vendors themselves are looking to simplify and improve their outward-facing defense products by creating and offering integrated, all-in-one, single-vendor cybersecurity platforms that are pre-assembled to bolster the security of business customers around the world.

For MSPs and MSSPs, a benefit of this platform approach is that they can deal with just a single vendor instead of working with products from multiple vendors and having to assemble them for business customers to fit their individual requirements. Other benefits include tighter and better product integration, as well as giving MSSPs and MSPs additional services to offer and sell to their clients, allowing them to potentially grow more revenue without adding new customers.

With all these changes happening around them, it is a good time for MSSPs and MSPs to take a hard look at this new trend and how it will affect them as well.

Advocating the Platform Approach to Security

One expert, Jay McBain, the chief analyst of channels, partnerships and ecosystems at research firm Canalys, believes that the platform approach for security is the wave of the future for MSSPs and MSPs.

“The cybersecurity industry is moving from 6,500 disparate ‘tool makers’ to 4 or 5 comprehensive platforms that will lead the industry forward into zero trust and SASE models,” McBain recently wrote in a post on LinkedIn. “Plenty of people in the industry have been complaining about the number of cybersecurity tools in recent years and the challenge of managing so many of them. Everybody wants to become a platform company instead.”

The platform business model has been around for a long time across industries, wrote McBain. And the value of platforms continues as vendors drive subscription and consumption models, which are now transitioning into more mature platform thinking and execution.

“By the end of the year, we will be mid-way through the decade of the ecosystem and winners and losers are starting to emerge,” wrote McBain. “The pressure is increasing on channel and partner leaders to deliver at a new level of scale, complexity and personalization, and to figure out the people, processes, programs and underlying technology that will drive competitive advantage in the decade of the ecosystem.”

Cybersecurity Platforms Are Proliferating

Many IT security vendors are already making these adjustments in their product lines as they introduce new all-in-one cybersecurity platform offerings. SonicWall debuted its new cybersecurity platform, SonicPlatform, in April at the RSA security conference in an offering that integrates a wide range of SonicWall cybersecurity applications into a single interface, making it easier to manage for MSSPs and MSPs.

SonicPlatform includes applications for endpoint security, wireless access, cloud email security and threat intelligence, security service edge (SSE), zero trust network access (ZTNA) and managed security services such as managed detection and response (MDR). SonicWall said it is aiming the new platform at MSSPs and MSPs to ease their management and automation activities.

Another vendor, SentinelOne, has morphed from its original endpoint protection tool offerings into its broad unified platform offering endpoint protection, EDR, extended detection and response (XDR), and threat intelligence.

Stellar Cyber, which originally offered security analytics and threat detection tools, now offers its broad Stellar Cyber Open XDR platform, integrating network detection and response (NDR), endpoint detection and response (EDR), security information and event management (SIEM), and security orchestration, automation, and response (SOAR).

CrowdStrike, Palo Alto Networks, Fortinet, Sophos, Cisco, Trend Micro, Symantec, Kaseya, ConnectWise and others have also built broad, integrated platforms out of their previously individual applications and services.

“This is a Transformation That is Taking Place”

Michael Crean, the vice president of managed security services at SonicWall, another expert who spoke with MSSP Alert on the move to platforms, said that he sees the same trend as McBain describes.

“This is a transformation that is taking place” in platform accessibility and cybersecurity service integrations for MSPs and MSSPs, said Crean, who previously founded and led master MSSP Solutions Granted before it was acquired by SonicWall in November 2023.

Crean sees this trend coming together in the marketplace when he was running Solutions Granted.

“We were trying to consolidate tools to give MSPs more of an opportunity to go to one place” for MDR, email security, firewall monitoring, and more,” he said. “We were becoming more of an all-inclusive security operations center (provider) while also helping MSPs to dramatically the number of their individual security vendors from 50 or more down to a more manageable number.

“If you are a 10-person company and you have 40 vendors, that is a whole lot of vendor management, that is a whole lot of vendor risk, with additional billing and accounts payable. That stuff becomes hugely burdensome and it decreases your efficiencies.”

These needs and new approaches are “absolutely 100% taking place actively in the SMB space” today, Crean said. “Everybody is looking to get… that holy grail, this single pane of glass” and the numerous mergers and acquisitions happening in the industry are further evidence of this platform-creating trend.

“You see more companies acquiring more companies and becoming more of that single source” he said. “SonicWall is not a lot different.”

Ten years ago, things were different, Crean said. Back then “everybody was buying the best of breed and so that is where we got to this vendor sprawl problem where everybody just has too many tools, too many vendors.”

Todd R. Weiss

Todd R. Weiss is a contributing editor to ChannelE2E and MSSP Alert. He is an award-winning technology journalist and freelance writer who covers the full range of B2B IT topics. He served as managing editor at and was a staff writer for Computerworld and He is a diehard Philadelphia Phillies, Eagles, Flyers and Sixers fan and says he is the world’s worst golfer.