Managed Security Services, Risk Identification/Classification/Mitigation

Picus Security Intros Entry Level Breach and Attack Simulation

Hacker attack computer hardware microchip while process data through internet network, 3d rendering insecure Cyber Security exploit database breach concept, virus malware unlock warning screen

Breach and attack simulation provider Picus Security is launching a new channel partner program designed to simplify its partnerships with VARs and to help managed security service providers (MSSPs) add a differentiating offering to their lineups.

Picus is no newcomer to the channel. The company has been 100% channel since its inception, according to Ryan Kunker, senior director of Channel and Alliances. The Picus Managed Security Services Provider Partner Program is Kunker’s new creation. He joined the company in February after nearly a decade in channel-related leadership roles in cybersecurity companies, including a stint running his own VAR business.

In his first 10 months on the job, he's worked to make the company's platform multi-tenant for its MSSP client base.

Helping MSSPs and Their End Customers Get Started

One of the obstacles many end customer organizations face when it comes to breach and attack simulation — an offensive technology — is a high entry level price. For that reason, it’s been a challenge for MSSPs to sell this service into their end client companies.

Overall, there’s just a really low adoption rate, maybe 10%, for “offensive” technologies such as breach and attack simulation, Kunker said. For organizations that are just getting started, the cost of a continuous license for services like this may seem insurmountable.

“Not everybody is ready to spend for the continuous license,” he told MSSP Alert.

The expenses go beyond the continuous license and platform installation.

“It’s the people and the processes that are in place to be able to digest this data and make adjustments to their security posture on a regular basis,” he said.

Yet, these types of technologies can be crucial to improving the security posture of end customer organizations.

Gartner named continuous threat exposure management (CTEM) as one of its Top Strategic Technology Trends for 2024. The analyst firm noted that organizations often cannot patch every exposure. For instance, unpatchable attack surfaces, such as the cloud and SaaS applications, leave organizations open to more risk.

Gartner says CTEM is its new umbrella term for forward-looking and sustainable approaches to exposure reduction. Breach and attack simulation is one of the technologies that falls under that umbrella. But costs are still an issue for organizations with a lower security maturity level, Kunder said.

How Interval Licenses Work

To help MSSPs get their end customer organizations started with this technology, Picus Security has introduced an interval license option. These are 14-day engagements that allow people to “dip their toes in,” Kunker said. Interval-based licenses allow MSSPs to purchase credits that allow an entry cadence for validation assessments.

Why aren’t companies just offering one-off assessments? Kunker said that software-as-a-service (SaaS) companies and MSSPs shy away from one-time offerings like that because they cannot be claimed as annual recurring revenue (ARR). That means those revenues don’t contribute to your valuation and help with future rounds of funding.

Interval licenses enable MSSPs to choose an interval of once a year, twice a year, four times a year or six times a year. That's because it’s an interval, it counts towards ARR, but it allows MSSPs to issue out those license credits the way they see fit, he said.

Recognizing that MSSPs expect margins of 65-70% margin it would take just three or four clients onboard for interval licensing to achieve the necessary ROI for an MSSP, according to Kunker.

The VAR Program

Picus Security’s new VAR program unifies several different regional reseller programs into a single global program with three tiers: platinum, gold and silver. It includes all the standard benefits partners expect, including deal registration and training.

A new partner portal provides both generic training in cybersecurity and then gated content includes more Picus-specific training.

Why MSSPs Should Offer Breach and Attack Simulation

Kunker believes that offering offensive security services or CTEM — breach and attack simulation, automated penetration testing, attack path validation, attach service management, and detection engineering — are the next big thing for MSSPs.

These services may not be part of an MSSP’s core stack of services. Yet. But they are add-on services that can help MSSPs differentiate themselves when it comes to winning new clients away from competitors.

“This gives MSSPs a good way to unseat an MSSP that’s already in place,” Kunker said. “The hardest thing for MSSPs is getting new clients.”

Jessica C. Davis

Jessica C. Davis is editorial director of CyberRisk Alliance’s channel brands, MSSP Alert, MSSP Alert Live, and ChannelE2E. She has spent a career as a journalist and editor covering the intersection of business and technology including chips, software, the cloud, AI, and cybersecurity. She previously served as editor in chief of Channel Insider and later of MSP Mentor where she was one of the original editors running the MSP 501.