Continuum has acquired CARVIR, a master MSSP and SOC provider that offers managed security services to MSPs in the SMB (small and midsize business) sector. In a phone and email Q&A with MSSP Alert and ChannelE2E, Continuum CEO Michael George explained the deal.
Here's a recap of the conversation.
MSSP Alert: Before we discuss CARVIR, let’s rewind. Continuum unveiled its security strategy at your Navigate 2017 conference in November. You beta tested the services thereafter. And I think you formally launched the services around May 2018 or so. What did the beta process teach Continuum about MSP security needs, your offerings, etc.? And how has the rollout gone?
Continuum CEO Michael George: This biggest thing we learned was the breadth of maturity MSPs and their clients had around security. We met with many partners who were very early in their security journey and required very fundamental protection, while others we met with had more advanced needs. So while we’ve seen great response and adoption of our Profile & Protect and other foundational offerings, we also quickly saw the need for more advanced offerings which CARVIR was a perfect fit for.
MSSP Alert: At what point did you see CARVIR as a potential addition to the strategy? Did you spot a gap/opportunity in your services during the beta testing stage?
Continuum CEO Michael George: As we entered our early adopter program we hypothesized the need for more advanced endpoint and network detection and response offerings. The early response we got from partners confirmed this hypothesis the needed more advanced detection and response solutions to compliment our offerings which drove us into deeper conversation with CARVIR very quickly.
MSSP Alert: CARVIR brings two new services to your portfolio (1) Detect & Respond – Endpoint and (2) Detect & Respond – Network & Compliance. How do those complement your existing services – such as Profile & Protect?
Continuum CEO Michael George: The Detect & Respond offerings provide two advanced offerings for our partners to offer to their clients as additional security services. But to offer any add on services, whether it be a managed SIEM offering or something like user awareness training, MSPs need to define what their current services are and convince their client that they have a need for more security services. Profile & Protect allows MSPs to do this. Profile & Protect allows MSPs to define their security services, to ensure they are living up to the promises they made with their security services, and to then help clients understand the exposures they have based on their current solutions and the additional services they can put in place to reduce their risk. This creates a very harmonious relationship for MSPs to be able to show their clients their current services, how they are adhering to them, the risks that still exist, and then provide them with advanced tools to reduce those risks for the client when needed.
MSSP Alert: CARVIR leverages SentinelOne. Is that a new toolset to your portfolio or had the Continuum team leveraged/tested SentinelOne ahead of the M&A deal?
Continuum CEO Michael George: We have been able to spend time with SentinelOne not only as part of this acquisition, but prior to it as well. We have always felt that SentinelOne provides a set of enterprise class Endpoint Detection and Response capabilities that aligns well with the needs of this market, but we also have understood the complexity for an MSP to adopt and EDR solutions and keep up with the amount of information and management involved with these types of tools. This is what made CARVIR model so interesting, they had harnessed the power of SentinelOne while simplifying the management through the support of their SOC.
MSSP Alert: As a result of the acquisition, Continuum’s SOC has expanded across two locations in the United States and India. Are each of the SOCs providing the same services, for follow-the-sun capabilities worldwide?
Continuum CEO Michael George: Our plan is to maintain the operational location north of Atlanta, George. We will merge the two teams under single leadership. CARVIR's U.S.-based SOC provides a unique complement to Continuum’s current India-based SOC by adding additional expertise as well as geographical diversification to enable us to further scale our security offerings. Ultimately this will improve the level of service when security incidents do arise.
MSSP Alert: How many CARVIR employees, approximately, join your team?
Continuum CEO Michael George: The entire CARVIR team, just over 30 employees, has joined our Continuum team.
MSSP Alert: Overall, MSSP Alert senses that technology companies are struggling to deliver an outsourced SOC that appeals to VARs and MSPs – in terms of technology, business & cost models, etc. We're not necessarily referring to Continuum. It’s the industry as a whole. We're getting calls weekly from partners and technology vendors seeking a universal SOC partner for the channel. Amid that demand -- and partner difficultly finding a solution -- why will Continuum succeed with security services for MSPs where so many other vendors and SOC providers are currently struggling.
Continuum CEO Michael George: It's true – starting a scalable SOC that aligns with MSP’s needs and cost structures is very difficult, but it is a problem that Continuum is very familiar with. The challenges with creating a scalable SOC for MSPs are very similar to those to starting and running a scalable NOC for MSPs. Over the past seven years Continuum has invested and developed a model to provide these NOC technologies to MSPs; it is those skills, combined with CARVIR's SOC and security skills, that provide critical components that will enable us to be successful in solving this critical problem for MSPs.