The Value of Marketplaces as a Purchasing Tool for MSSPs

LAS VEGAS, NEVADA – NOVEMBER 30: Attendees walk through an expo hall during AWS re:Invent 2021, a conference hosted by Amazon Web Services, at The Venetian Las Vegas on November 30, 2021 in Las Vegas, Nevada. (Photo by Noah Berger/Getty Images for Amazon Web Services)

MSSPs’ resource constraints often extend through to procurement, many having to manage a slew of vendors to find competitive pricing on the products and services needed to “keep the lights on.” Having to manage multiple vendors for everything from office supplies to Microsoft 365 subscriptions takes precious time that many MSSPs just don’t have. So, what’s the solution?

Vulnerability Management? There’s an Amazon for That

In an effort to remain competitive and profitable in today's market, many MSSPs are forced to price shop for the products and services they need to run their business, everything from core stack products like endpoint protection and vulnerability management, to coffee and paper towels, MSSPs are looking for the best deal they can find. Sure, businesses can consolidate some spend, maybe by leveraging a distributor or two and business accounts at major retailers, but what if there was one place for everything you need for your business?

It turns out there is, in fact, one place to go for all of your business spending needs, Amazon and Amazon Web Services (AWS) Marketplace. Need paper plates for the break room? Amazon. Need an Endpoint Security solution?  AWS. Need a new firewall? AWS. Need a next-generation vulnerability management solution? There’s Amazon for that too!

Dynamic application security testing (DAST) is the cornerstone of next-generation vulnerability management for MSSPs and the easiest and most versatile approach to testing web application security. Because they are technology-agnostic and can test any web application that runs in a modern browser regardless of the underlying technology stack, DAST scanners are quick to set up and can start reporting security issues within hours. By bringing their DAST solutions into the AWS Marketplace, vendors are making the purchasing process equally fast and easy for MSSPs.

Any MSSP can now purchase DAST scanning through their existing AWS cloud agreement. The option to purchase through the AWS Marketplace gives MSSPs the added convenience of consolidated billing as well as access to flexible funding sources to support their cloud migration, deployment, and security efforts.

“Now, MSSPs can protect their client’s web applications with DAST solutions in a streamlined purchasing process,” said Alvaro Warden, Director of Channels and MSSP at Invicti. “Having the option for MSSPs to add DAST capabilities to their AWS bill directly through AWS Marketplace simplifies procurement, expedites return on investment, and extends the reach of accurate, automated, continuous scanning solutions to MSSPs customers worldwide.”

Enterprise-Grade Security Testing for the SMB

Even as global cybersecurity awareness increases and cyberattacks are in the news every week, many organizations still rely on protection rather than prevention, downplaying the importance of application security testing. With DAST solutions now available for easy purchase via AWS Marketplace, MSSPs can finally help their customers take control of their attack surface.

The value of taking a DAST-first approach to vulnerability management lies in the combination of Role Based Access Control, multi-tenancy, and API integration. Accurate vulnerability scanning across entire application environments makes it possible to schedule what is, in effect, automatic penetration testing as often as needed (and at no extra cost) to continuously identify and mitigate any exploitable issues in web applications. Multi-tenancy with role-based access control allows you, the service provider, to make your SOC analysts more efficient, and even extend access to your clients.

DAST eliminates hundreds of hours of manual tasks by reducing time-wasting false positives using Proof-Based Scanning technology. It also helps developers fix issues quickly with detailed documentation that pinpoints vulnerability locations. For example, in the past year, Invicti helped its customers scan over 420,000 web applications.

Benefits for MSSPs of the AWS Marketplace:

  • Streamline customer access to vulnerability management tools.
  • Simplify billing and administrative costs for application security offerings.
  • Reduce vendor sprawl. Cut down on excess vendor relationships by purchasing through AWS Marketplace

Guest blog courtesy of Invicti, an international web app security company headquartered in Austin, Texas. See more Invicti guest blogs here. Regularly contributed guest blogs are part of MSSP Alert’s sponsorship program