CRN’s 2024 Products Of The Year

CRN staff compiled the top partner-friendly products that launched or were significantly enhanced over the past year and then turned to solution providers to choose this year’s winners.

And The Trophies Go To…
The CRN 2024 Products of the Year awards honor the leading partner-friendly IT products as selected by the solution providers that develop solutions and services around these products and bring them to their customers.
CRN editors selected finalists in 30 technology categories from products that were newly launched or updated between September 2023 and September 2024. The categories range from mainstay channel products in enterprise networking, enterprise storage and SD-WAN to products in newer technology areas such as application performance/observability, artificial intelligence architecture and AI PCs.
We then asked solution providers to rate the products based on three subcategories: technology, revenue and profit, and customer need. Products with the highest overall score (the average of the three subcategory scores) in each product category was named the winner.
What follows are the winners, subcategory winners and finalists for 2024.

Application Performance and Observability
Winner Overall: IBM Instana Observability
IBM Instana Observability automatically discovers, maps and monitors all services and infrastructure components, providing complete visibility across an application stack. It continuously captures every trace, detects changes in real-time, and provides detailed insights to automate root cause detection and problem resolution. Instana’s approach to observability includes built-in automation, application and infrastructure context, and AI-powered intelligent actions.
IBM Instana Observability scored highest overall in this product category and highest for revenue and profit and for customer need.
Subcategory Winner – Technology: Dynatrace Unified Observability Platform
Finalist: Datadog Observability Platform
Finalist: Grafana 11
Finalist: New Relic Observability Platform
Finalist: Splunk Observability Cloud

Artificial Intelligence: AI PCs
Winner Overall: Acer TravelMate P4 14
The Acer TravelMate P4 14 laptop for business professionals is an AI-ready business laptop with Microsoft Copilot, TravelMate Sense, and PurifiedVoice with AI Noise Reduction. The product harnesses the power of the Intel Core processor with built-in vPro Essentials hardware security and Intel Unison phone integration capabilities.
The Acer TravelMate P4 14 scored highest overall in this product category and highest for technology and for revenue and profit.
Subcategory Winner – Customer Need: HP EliteBook 1040 G11
Finalist: Apple MacBook Pro
Finalist: Dell Latitude 7455
Finalist: Lenovo ThinkPad 14S Gen 6
Finalist: Samsung Galaxy Book4 Pro

Artificial Intelligence: Infrastructure
Winner Overall: Supermicro AS-4125GS-TNHR2-LCC
The Supermicro AS-4125GS-TNHR2-LCC is designed for large-scale and cloud-scale compute tasks in AI, high performance computing, AI/deep learning, and deep learning/AI/ML development. The rackmount, liquid-cooled server runs on Nvidia H100 GPU processors.
The Supermicro AS-4125GS-TNHR2-LCC scored highest overall in this product category and highest for revenue and profit and for customer need.
Subcategory Winner – Technology: Dell PowerEdge R760xa
Finalist: Lenovo ThinkSystem SR780a V3

Artificial Intelligence: Productivity Suites
Winner Overall: Gemini For Google Workspace
Google Gemini is an AI-powered assistant that helps with a variety of tasks including writing, coding, research, data analysis and design. Gemini is integrated into Gmail, Docs and Sheets.
Gemini for Google Workspace scored highest overall in this product category and highest for technology, revenue and profit, and customer need.
Finalist: Microsoft Copilot

Big Data
Winner Overall: HPE Ezmeral Data Fabric Software
Hewlett Packard Enterprise’s HPE Ezmeral Data Fabric Software is a platform for data-driven analytics, machine learning and AI workloads. It serves as a secure data store and provides file storage, NoSQL database, object storage and event stream capabilities. The product reduces data silos with a unified data lakehouse, and centrally manages and governs data while accessing it directly where it resides.
HPE Ezmeral Data Fabric Software scored highest overall in this product category, highest for revenue and profit and for customer need.
Subcategory Winner – Technology: Cloudera Open Data Lakehouse
Finalist: Databricks Data Intelligence Platform
Finalist: Microsoft Intelligent Data Platform
Finalist: Snowflake Data Cloud
Finalist: Starburst Galaxy

Business Applications
Winner Overall: SAP S/4HANA
S/4HANA is SAP’s flagship ERP (enterprise resource planning) business application suite that provides finance, accounting, procurement, supply chain, production and employee management capabilities. The software uses AI and machine learning to analyze operational data and automate routine business tasks.
SAP S/4HANA scored highest overall in this product category and highest for technology, revenue and profit, and customer need.
Finalist: Epicor ERP
Finalist: Oracle NetSuite
Finalist: Microsoft Dynamics 365
Finalist: Sage Intacct

Business Intelligence and Data Analytics
Winner Overall: MicroStrategy ONE
MicroStrategy ONE is a cloud-based, AI-powered business intelligence system that turns raw data into actionable insights. The software provides an array of role-based analytical capabilities and offers no-code, low-code and pro-code options for infusing analytics into business operations.
MicroStrategy ONE scored highest overall in this product category and highest for revenue and profit. It tied with the highest scores for customer need.
Subcategory Winner – Technology: Amazon Redshift
Subcategory Winner – Customer Need: Domo Data Experience Platform (tie)
Finalist: Google Cloud BigQuery
Finalist: Qlik Sense
Finalist: Salesforce Tableau

Data Protection, Management and Resiliency
Winner Overall: Veeam Data Platform
Veeam Data Platform data protection and management software is used by businesses to protect, backup, recover and manage their data across on-premises, hybrid and multi-cloud environments. The system protects data across a range of physical servers, cloud instances, applications and virtual machines.
Veeam Data Platform scored highest overall in this product category and highest for technology, revenue and profit, and customer need.
Finalist: Cohesity Data Cloud
Finalist: Commvault Cloud Powered by Metallic AI
Finalist: Dell PowerProtect Data Manager Appliance
Finalist: HYCU R-Cloud
Finalist: Rubrik Security Cloud

Edge Computing/Internet of Things
Winner Overall: Scale Computing Autonomous Infrastructure Management Engine (AIME)
Scale Computing AIME provides the AI orchestration and management functionality within SC//HyperCore and significantly reduces the effort required to deploy, secure, manage and maintain IT infrastructure – including edge computing and IoT systems.
Scale Computing AIME scored highest overall in this product category and highest for revenue and profit and for customer need.
Subcategory Winner – Technology: Red Hat Device Edge
Finalist: Eaton iCube
Finalist: HPE Edgeline
Finalist: IBM Edge Application Manager
Finalist: Schneider Electric EcoStruxure Micro Data Center R-Series

Hybrid Cloud Infrastructure
Winner Overall: NetApp Hybrid Cloud
NetApp Hybrid Cloud combines public and private clouds, on-premises data centers and edge locations to run distributed workloads including web and content hosting, application development, data analytics and containerized applications.
NetApp Hybrid Cloud scored highest overall in this product category and highest for revenue and profit and for customer need.
Subcategory Winner – Technology: IBM Hybrid Cloud
Finalist: Dell Technologies Apex Hybrid Cloud
Finalist: HPE GreenLake
Finalist: Nutanix Hybrid Multicloud
Finalist: VMware Cloud Foundation

MSP Platforms
Winner Overall: Kaseya 365
Kaseya 365 is a subscription-based service for MSPs that provides the core functions needed to manage, secure, backup and automate endpoint devices. The company recently introduced Kaseya 365 User to protect user data and identities in Microsoft 365 and Google Workspace environments.
Kaseya 365 scored highest overall in this product category and highest for revenue and profit and for customer need.
Subcategory Winner – Technology: N-able Cloud Commander
Finalist: Atera
Finalist: ConnectWise Asio Platform
Finalist: HaloPSA
Finalist: Syncro Platform

Networking – Enterprise
Winner Overall: Cisco Networking Cloud
Cisco Networking Cloud is Cisco’s AI-native platform built for the global area network that provides unified management, automation, and operational simplicity and security by converging and connecting fragmented on-premises and cloud networks.
Cisco Networking Cloud scored highest overall in this product category and highest for technology, revenue and profit, and customer need.
Finalist: HPE Aruba Networking Enterprise Private 5G
Finalist: Juniper AI-Native Networking Platform
Finalist: Nile NaaS
Finalist: Prosimo AI Suite for Multi-Cloud Networking

Networking – Wireless
Winner Overall: HPE Aruba Networking Wi-Fi 7 Access Point
HPE Aruba Networking Wi-Fi 7 access point networking devices provide AI-ready, high-performance and secure connectivity for enterprise applications, edge IT and IoT devices. HPE Aruba says the Wi-Fi 7 access points provide up to 30 percent more capacity for wireless traffic than competing products.
HPE Aruba Networking Wi-Fi 7 access point scored highest overall in this product category and highest for technology, revenue and profit, and customer need.
Finalist: Extreme Networks AP5020 universal Wi-Fi 7 access point
Finalist: Fortinet FortiAP 441K Wi-Fi 7 access point
Finalist: Zyxel Wi-Fi 7 access point

Power Protection and Management
Winner Overall: Eaton 9PX 6kVA Lithium-Ion UPS
Eaton touts the 9PX 6kVA Lithium-Ion UPS as ideal for enterprise IT, edge deployment and light industrial applications. It features remote firmware upgrades and integration with leading hyperconverged infrastructure and virtualization platforms.
The Eaton 9PX 6kVA Lithium-Ion UPS scored highest overall in this product category and highest for revenue and profit and for customer need.
Subcategory Winner – Technology: Vertiv Liebert GXT5 Lithium-Ion UPS
Finalist: CyberPower PFC Sinewave 1U UPS
Finalist: Schneider Electric Easy UPS 3-Phase 3M Advanced

Processors – CPUs
Winner Overall: Intel Core Ultra Series
Intel describes its Core Ultra processors as its premier processor line for desktop systems and mobile devices for enabling AI experiences such as copilots, productivity assistants, text and image creation, and collaboration.
Intel Core Ultra Series scored highest overall in this product category and highest for customer need.
Subcategory Winner – Technology: Apple M3
Subcategory Winner – Revenue and Profit: AMD Ryzen Pro 8040 Series
Finalist: AmpereOne
Finalist: Qualcomm Snapdragon X Elite

Processors – GPUs
Winner Overall: Nvidia H200
With its higher performance and expanded memory bandwidth and capacity, Nvidia’s H200 Tensor Core GPU is a popular processor for GenAI and high-performance computing workloads. Nvidia says the H200 also offers improved energy efficiency and lower TCO than the earlier H100.
The Nvidia H200 scored highest overall in this product category and highest for technology, revenue and profit, and customer need.
Finalist: AMD Instinct MI300X
Finalist: Intel ARC A570M

Public Cloud Platforms
Winner Overall: Microsoft Azure
Microsoft Azure is one of the industry’s leading cloud platforms that provide services for building, running and managing cloud applications. The platform’s wide range of services include compute, storage, analytics and networking capabilities.
Microsoft Azure scored highest overall in this product category and highest for technology and customer need.
Subcategory Winner – Revenue and Profit: Oracle Cloud Infrastructure (OCI)
Finalist: Amazon Web Services
Finalist: CoreWeave Cloud
Finalist: Google Cloud Platform
Finalist: Snowflake Data Cloud

SD-WAN
Winner Overall: HPE Aruba EdgeConnect SD-WAN
HPE Aruba EdgeConnect SD-WAN is a software-as-a-service wide area network that provides secure connectivity and data access for hybrid work environments. Features include secure access service (SASE), a single management interface for observing and controlling the WAN and SASE, real-time monitoring and virtual WAN capabilities.
HPE Aruba EdgeConnect SD-WAN scored highest overall in this product category and highest for revenue and profit.
Subcategory Winner – Technology, Customer Need: Extreme Networks Extreme Cloud SD-WAN
Finalist: Cisco Catalyst SD-WAN
Finalist: Fortinet Secure SD-WAN
Finalist: Palo Alto Networks Prisma SD-WAN
Finalist: Zscaler Zero Trust SD-WAN

Security – Cloud and Application Security
Winner Overall: SentinelOne Singularity Cloud Security
SentinelOne Singularity Cloud Security provides cloud security, threat detection and response for servers, virtual machines and containers. Part of SentinelOne’s Singularity platform, Singularity Cloud Security works across private and public clouds, including AWS, Azure and Google Cloud Platform.
SentinelOne Singularity Cloud Security scored highest overall in this product category and highest for technology and customer need.
Subcategory Winner – Revenue and Profit: Palo Alto Networks Prisma Cloud
Finalist: CrowdStrike Falcon Cloud Security
Finalist: F5 Distributed Cloud Services Web Application Scanning
Finalist: Orca Cloud Security Platform
Finalist: Tenable Cloud Security
Finalist: Wiz Cloud Security Platform

Security – Data
Winner Overall: IBM Guardium Data Protection
IBM Guardium Data Protection protects sensitive data in the cloud and in on-premises systems. GDP automatically discovers and classifies sensitive data across an enterprise and provides data activity monitoring and analytics, near real-time threat response workflows, and automated compliance auditing and reporting.
IBM Guardium Data Protection scored highest overall in this product category and highest for revenue and profit.
Subcategory Winner – Technology, Customer Need: Zscaler Data Protection
Finalist: ForcePoint ONE Data Security
Finalist: Proofpoint Information Protection
Finalist: Rubrik Security Cloud
Finalist: Wiz DSPM

Security – Email and Web Security
Winner Overall: Mimecast Advanced Email Security
Mimecast Advanced Email Security is a comprehensive, cloud-based email security system that guards email from a range of cyberattacks including spam, viruses and malware. Capabilities include threat intelligence and protection, data leak prevention and secure messaging.
Mimecast Advanced Email Security scored highest overall in this product category and highest for revenue and profit.
Subcategory Winner – Technology, Customer Need: Cloudflare Application Security
Finalist: Abnormal Security Platform
Finalist: Akamai API Security
Finalist: Barracuda Email Protection
Finalist: Proofpoint Threat Protection

Security – Endpoint Protection
Winner Overall: Sophos Intercept X
Sophos Intercept X takes a comprehensive, prevention-first approach to security that Sophos says blocks threats without relying on any single technique. Intercept X provides endpoint detection and response cybersecurity using a wide range of tactics to stop ransomware, breaches, data loss and other advanced threats from impacting end users.
Sophos Intercept X scored highest overall in this product category and highest for technology and customer need.
Subcategory Winner – Revenue and Profit: CrowdStrike Falcon Insight XDR
Finalist: Huntress Managed EDR
Finalist: SentinelOne Singularity XDR
Finalist: ThreatLocker Protect
Finalist: Trend Micro Trend Vision One

Security – Identity and Access Management
Winner Overall: CyberArk Workforce Identity
CyberArk Workforce Identity is a SaaS-delivered system to simplify identity and access management across enterprise systems. The product provide unified workforce and B2B access and identity management within a single offering.
CyberArk Workforce Identity scored highest overall in this product category and highest for technology, revenue and profit, and customer need.
Finalist: Ping Identity PingOne for Workforce
Finalist: Okta Workforce Identity Cloud
Finalist: Microsoft Entra ID
Finalist: OpenText NetIQ Identity Manager
Finalist: SailPoint Identity Security Cloud

Security – Managed Detection and Response
Winner Overall: Huntress Managed Identity Threat Detection and Response
With Huntress Managed Identity Threat Detection and Response (ITDR), formerly MDR for Microsoft 365, Huntress threat experts monitor and respond in real time to critical security threats such as suspicious login activity, privilege escalation attempts, and email tampering and forwarding.
Huntress Managed Identity Threat Detection and Response scored highest overall in this product category.
Subcategory Winner – Technology: SentinelOne Singularity MDR
Subcategory Winner – Revenue and Profit: Sophos MDR
Subcategory Winner – Customer Need: Arctic Wolf MDR
Finalist: CrowdStrike Falcon Complete Next-Gen MDR
Finalist: ThreatLocker Cyber Hero MDR

Security – Network
Winner Overall: Cisco Hypershield
Cisco Hypershield is a distributed security architecture that protects networks, applications and workloads in data centers and cloud environments. Hypershield features an AI-native rules engine, autonomous segmentation and distributed exploit protection.
Cisco Hypershield scored highest overall in this product category and highest for technology.
Subcategory Winner – Revenue and Profit: Fortinet FortiGate (tie)
Subcategory Winner – Revenue and Profit: SonicWall Cloud Secure Edge (tie)
Subcategory Winner – Customer Need: Fortinet FortiGate
Finalist: Sophos XGS Firewall
Finalist: ThreatLocker CyberHero MDR
Finalist: WatchGuard ThreatSync+ NDR

Security – Security Operations Platform
Winner Overall: Arctic Wolf Security Operations
Arctic Wolf Security Operations, renamed Arctic Wolf Aurora Platform in November 2024, is built on an open XDR architecture and is a cloud-based platform that offers a range of services to protect against cyberthreats including managed detection and response, incident response, threat intelligence, managed risk, managed security awareness and a security operations warranty.
It scored highest overall in this product category and highest for technology, revenue and profit, and customer need.
Finalist: CrowdStrike Falcon Next-Gen SIEM
Finalist: Google Security Operations
Finalist: Microsoft Sentinel
Finalist: Palo Alto Networks Cortex XSIAM 2.0
Finalist: Splunk Enterprise Security

Security – Security Access Service Edge
Winner Overall: Palo Alto Networks Prisma SASE
Palo Alto Networks describes Prisma SASE as a complete AI-powered SASE solution that combines network security, SD-WAN and autonomous digital experience management in a single service. It incorporates the Zero Trust Network Access 2.0 architecture.
Palo Alto Networks Prisma SASE scored highest overall in this product category and highest for technology.
Subcategory Winner – Revenue and Profit: Zscaler Zero Trust SASE
Subcategory Winner – Customer Need: Fortinet FortiSASE
Finalist: Cato SASE Cloud Platform
Finalist: Cisco Secure Access
Finalist: Netskope One SASE

Storage – Enterprise
Winner Overall: NetApp AFF C-Series
The NetApp AFF C-Series storage array platform offers all-flash storage for data centers. The product is designed to provide economical, high-density storage for tier 1 and tier 2 data center workloads and to unify storage environments.
NetApp AFF C-Series scored highest overall in this product category and highest for technology and customer need.
Subcategory Winner – Revenue and Profit: Pure Storage FlashArray//E
Finalist: Dell PowerStore
Finalist: HPE Alletra Storage MP
Finalist: Infinidat SSA Express
Finalist: Quantum ActiveScale Z200 Object Storage

Storage – Software-Defined
Winner Overall: Pure Storage Purity
Pure Storage Purity software unifies, manages and protects data in data centers, the cloud or at the edge. Capabilities include data management (including AI-driven array operations, monitoring, analysis and optimization), data replication, data mobility, data reduction, data encryption, disaster recovery and high availability.
Pure Storage Purity scored highest overall in this product category and highest for technology, revenue and profit, and customer need.
Finalist: DDN Infinia
Finalist: Dell PowerFlex
Finalist: HPE GreenLake for Block Storage
Finalist: IBM Software-Defined Storage

Unified Communications and Collaboration
Winner Overall: RingCentral RingCX
RingCentral RingCX is an AI-powered, omnichannel contact center system that combines voice, video and more than 20 digital channels in a single platform. Capabilities include intelligent virtual agent integration, analytics and reports, outbound dialing and agent scripting.
RingCentral RingCX scored highest overall in this product category and highest for technology and customer need.
Subcategory Winner – Revenue and Profit: Intermedia Unite
Finalist: Cisco Webex
Finalist: Microsoft Teams
Finalist: Nextiva Unified Customer Experience Platform

5 Palo Alto Networks Executives Share Partner Opportunity In XSIAM, Prisma

‘As the scale of these transformations has increased, the SIs, the community and the partners have become even more important,’ Palo Alto Networks Chief Product Officer Lee Klarich tells CRN.

Palo Alto Networks CEO Nikesh Arora is setting the tone on the importance of solution providers for the security platform vendor’s go-to-market, with executives across the vendor’s product portfolio looking to grow the partner opportunity.
CRN recently spoke with top Palo Alto Networks executives during a press-and-analyst event at the vendor’s Santa Clara, Calif., headquarters, all of whom echoed Arora’s view that solution providers help achieve positive outcomes with customers and that, to be an effective channel partner today, one needs to robust advisory and consulting practices.
System integrator partners, in one example, are “able to help take a large enterprise through a platformization project,” Palo Alto Networks Chief Product Officer Lee Klarich (pictured) told CRN. “These are bigger projects. They’re more multi-faceted in nature. They have more of a consultative aspect to them. As the scale of these transformations has increased, the SIs, the community and the partners have become even more important in terms of how we help our customers go through this and give them the resources and expertise to supplement their own capabilities on a global basis.”
[RELATED: Palo Alto Networks CEO Arora: ‘The Role Of VARs Is Changing’]

Palo Alto Networks Partners

Palo Alto Networks has about 15,000 channel partners worldwide, according to CRN’s 2024 Channel Chiefs.
In another example of the importance of Palo Alto Networks partners, Amol Mathur, the vendor’s senior vice president and general manager for its cloud security platform Prisma Cloud, told CRN that cloud usage growth and growing adoption of artificial intelligence (AI) have given customers more assets that need securing.
“If I have a big cloud footprint, that’s where all the attackers are now pivoting to essentially with ransomware and so on,” Mathur said. “So in terms of demand, it’s off the charts.”
Here is a look at where five top Palo Alto Networks executives see the business opportunity for the vendor’s partner ecosystem.

The Power Of Partners In Platformization

Lee Klarich
Chief Product Officer
What I would call out is, in particular, the value of the larger, more system integrator scale partners, where they’re able to help take a large enterprise through a platformization project.
These are bigger projects. They’re more multi-faceted in nature. They have more of a consultative aspect to them. As the scale of these transformations has increased, the SIs, the community and the partners have become even more important in terms of how we help our customers go through this and give them the resources and expertise to supplement their own capabilities on a global basis.
There are some partners that can scale worldwide. But in many cases, there are specialists across different parts of EMEA (Europe, the Middle East and Africa). Even regionalization within EMEA. And Asia is sort of the same way. We have spent a lot of energy building out that broader ecosystem of partners to help with their customers. I’ll call that the transformation category.
Then there’s the category of, OK, even once that’s done, do you have all the expertise needed to then run and operate it? And so that’s more of the MSSP category that sits on top of it. We’ve been, at least from my perspective, starting to do a better job of making sure that we’re strategically aligned with our partners in that category.
Take XSIAM (extended security intelligence and automation management) as an example. It enables the SOC (security operations center) to be run very differently. And so it’s important that as we approach our MSSP partners relative to managed SOC services that they’ve strategically aligned with our approach.
It doesn’t really work super well to take a managed SOC service designed for legacy technology, put them on top of XSIAM, and take that to a customer. Customer gets confused. … In a way, we’ve sort of gotten picky as to who best aligns with how our products work and therefore adds the most value when running on top of and/or integrated with our products.
(As for future product iteration, we’re) starting to get more prescriptive around–what does ‘great’ look like. What do we believe a really good security architecture looks like? What is a really good security outcome? And then how do we align everything we do toward those outcomes, whether it is what we as Palo Alto Networks do or our partners, managed service provider partners and everyone else, are they aligned with helping our customers achieve those outcomes as well?
Obviously with customization and other things like that. But it’s basically getting more opinionated on what a good outcome is and how to accomplish it, as opposed to saying, ‘Yeah, you can do whatever you want to.’ Technically they can. But in most cases, our customers actually want us to help them on how to achieve the right outcome and how to solve some of these problems that maybe they’ve been stuck on for quite awhile.

The AI Security Opportunity

Amol Mathur
SVP, GM, Prisma Cloud
We work with a lot of GSIs. We have a lot of partners who resell, who service a whole suite of products–not just cloud, but our soft products as well and so on.
When you look at cloud security, specifically, a number of stats will tell you the growth has been phenomenal of the underlying consumption. The pandemic hyper accelerated it. And now, with AI largely being available only in public cloud with GPUs (graphics processing units), even people who are not very cloud forward, they are moving faster than they would have because if they want to experiment and do something it’s always in the cloud.
So we are seeing a tremendous amount of need for security–everything from foundational cloud posture all the way to understanding in deep what data and AI assets are being used, all the way to ‘give me runtime threat prevention, detection and response capabilities.’
Because if I have a big cloud footprint, that’s where all the attackers are now pivoting to essentially with ransomware and so on. So in terms of demand, it’s off the charts. In terms of just the market growth.
The second thing is that, while cloud security (has) been around for five, six years, it’s still a market where a lot of customers don’t have the maturity. And when I say maturity, I mean everything from getting a cloud security program up and running and operational all the way to … monitoring, triaging attacks, helping with remediation at scale, putting architectures where you’re trying to prevent as many things and do secure by design and so on.
So there’s a lot of opportunity for experts to come in and advise customers on how to do this. … That’s a big trend that we are seeing, that there’s just not enough skill set. And a lot of the constructs that people use in cloud, they are very different.
When we think of, in the enterprise world, single-sign-on user identities–in the cloud world, there is a huge portion of non-user machine identities.
And how they get assumed and exploited and abused to gain access and breaches happen–that expertise needed is quite different. That’s where organizations that know how to do this can provide everything from basic deployment services, ongoing fine-tuning, all the way to fully managed cloud SOC, cloud posture, vulnerability management, et cetera.
Data and AI is a big area for us (looking ahead for product innovation). We have released solutions for data security posture management, AI security posture management. And with AI security posture management, related to that, very complimentary to that, our peers in the network security team have released AI access security and AI runtime security.
In most cases, even the companies don’t know how the data is being used by the AI model, because it’s kind of a black box.
(Another area is remediation at scale.) You need a strategy using AI to be able to remediate those issues in fewer steps. If you just go one by one, from top to bottom, you’ll never be able to resolve your issues.

The SASE And Prisma Access Opportunity

Anand Oswal
SVP, GM, Network Security
We’re seeing great activity from them (MSSPs) on all things SASE. We’re seeing great activity on GSIs (global system integrators) wanting to sell a unified SASE.
The GSIs, MSPs, MSSPs, all of them (are choosing Palo Alto Networks) because it allows them to differentiate their offerings. Networking is really coming together.
You think about just remote access, for the most part–(when) companies allow any remote access solution, Prisma Access or somebody else … they’re actually outsourcing a network because you’re no longer running a network like you did in the old days.
Some providers will use the cloud like we use–combination of different cloud providers for redundancy. Some will build their own through Equinix and leasing through things at scale.
Then you want to have combined visibility across networking and security and common logic to identify applications on your SD-WAN device and your Prisma Access device and be allowed to then add more services on top–like visibility from user applications. … The value add for the GSIs, MSSPs, MSPs is when you can unify. It also differentiates them.

Transforming The SOC With XSIAM

Scott Simkin
VP, Marketing, Next-Generation Security
(I think about) how am I going to provide an amazing platform, a set of products that we can give to a partner to deploy, operate, manage, and run 24 by seven on behalf of their customers.
The days of a VAR pushing paper, that’s not how you’re going to differentiate yourself. You have to build in value-added services.
When I’m talking to our partners in the big consulting firms, one of the things they always say is, ‘Every single company is asking the question of how do I transform my SOC?’ And that question is predicated on a few different things. The customer is sitting there going, ‘I have a mess of technology. I have far too much data and alerts than I can possibly deal with. And of course, I don’t have enough people. I need a better path.’
And when they look at everything, they need a third-party, trusted partner who says, ‘I can look at your environment. I can understand your challenges. I can understand your needs. And I can help you get from point A to B for transforming your SOC.’
They help them modernize and standardize on XSIAM so not only are they deploying a few different things. How do we stop the most possible–get to as close to 99.9999 percent–of attacks as possible? Then we say, ‘How do we prioritize the small few that get through with AI and analytics?’
And how do we give them full context, full visibility, understanding of what is occurring so they can paint the picture in their own SOC of what occurred–connecting the dots, so to speak–and then take an action. So when you talk to an MSSP or GSI, they’re doing all the hard work of architecting, designing and maybe even through deployment. But our play and a win-win for us–the customer and the GSI–is having the best AI-driven platform in the market.
How do we help build out the right systems, the right processes, and help them build their business on top of XSIAM? Partners out there are making more money, signing bigger deals and helping customers do significant transformations with XSIAM than a legacy SIEM could possibly get them in business.
Nearly every single customer we talk to and they will talk to is using a legacy SIEM. Whether it’s anyone who’s been around for 10, 15, 20 years. So the market is ripe for disruption. And what I want all the partners to think about is, hey, they can work with a best-in-class platform. They can work with a partner that they know is channel-led–unlike some of our competitors, who like to take things, perhaps, direct and not give them an at bat, which hurts their business, ultimately, at the end of the day.
And how do we deliver something that is truly, truly transformative? I was just talking to a customer … what they told me is, we’re in a situation where it is untenable for us in our security team. It’s untenable because the risk of a breach is so high, because of that underpinning of where’s the data coming from, what’s the system it’s going into? And then how do I throw dozens and dozens of people at a tool that ultimately doesn’t get them to an outcome that they want, which is, stop the adversary? Then I showed them XSIAM. … The second you show them a demo, their eyes light up.
Seeing is believing for XSIAM. And any customer who sees it, who has experience with a legacy SIEM, a first generation EDR or the other tools that sit within that SOC, they will absolutely fall in love. And it will be an outcome that they can count on.

The Cortex Opportunity

Elad Koren
VP, Products, Cortex
We’ve seen a lot of traction from partners. (Cortex, Palo Alto Networks’ XDR product) is something that is constantly getting improved, and we are seeing the motion with what they can do with the system, because of its flexibility, the scalability of the system–it’s huge.
We launched earlier this year the MSSP set of capabilities. And this was a result of the fact that a lot of the partners were asking for something like that so that they can actually operate based on that.
And we do see this being taken to the market with great results so far. So very exciting.

10 hottest cyber security startups of 2024

Channel-friendly startups offering tools for cloud and AI security, data protection and security operations are among the startups that have emerged during the year.

Hot Startup in Security

While working with a well-known cybersecurity vendor can have a lot of advantages for the solution provider, emerging startups can bring a level of innovation and energy – something that some established vendors don’t always bring to the table. For example, the attitude among some of the larger vendors in the security space is, “‘We’re popular, so maybe we don’t need to change our technology too much,'” said Trace3’s Jason Berland.
[Related: These Are The Stellar Startup Security Vendors To Know In 2024]
Berland said that as much as possible he wants to work with new players in cybersecurity that are showing significant potential. Their goal is to evaluate at least one new technology every month. “What I love to do is see the little people — the ones who are hungry, the ones who want to make a difference,” said Berland, senior practice director of identity and access management at Irvine, Calif.-based Trace3. Number 34 on CRN solution provider 500 For 2024.
For CRN’s year-end coverage, we’ve selected 10 cybersecurity startups that we believe exemplify the combination of promising technology, speed to market, and engagement with the channel that companies are pursuing in this space. Can make permanent players in. Our picks include companies offering tools in fast-growing categories like cloud and AI security, data protection, and security operations.
In terms of specific criteria, we have chosen partner-friendly startups that were founded from 2020 and have major announcements in 2024 – such as a significant product launch or funding round – that are showing their attractiveness in the market. (Note: We also excluded some security vendors that would otherwise have qualified, such as Viz, which have already achieved critical status.)
The details of the 10 most popular cyber security startups of 2024 are as follows.

Saira
Established: 2021
CEO: Yotam Segev
Cyra offers an agentless data protection platform that now combines both data protection state management (DSPM) and data loss prevention (DLP), ultimately providing unified visibility into data and access risks. The startup has expanded beyond its core focus on DSPM — which works in environments including cloud, SaaS and on-premises — to add DLP capabilities with the $162 million acquisition of Trail Security in October. Cyra’s key partners include Guidepoint Security, World Wide Technology and Trace3.
In November, New York-based Cyra announced Raising a $300 million Series D round of funding, which follows a previous fundraise of the same amount in April. The latest round more than doubled the company’s valuation to $3 billion.

Cynomy
Established: 2020
CEO: David Primor
Cynomy offers an automated vCISO platform that aims to offer capabilities equivalent to a governance, risk and compliance (GRC) tool, as well as conduct gap analysis, create customized policies, and prioritized remediation to ensure cybersecurity is also The plan has to be developed. According to the company, the MSP-centric platform is designed to secure small and medium-sized enterprises.
In April, Herzliya, Israel-based Cynomy announced it raised $20 million in new funding led by Canaan to fuel its growth. And in November, the company hired out Ken Marks – a cybersecurity veteran most recently at SentinelOne – as its new CRO. Kevin Baker, CISO of Fortress Security Risk Management, a Cleveland-based Cynomy partner, said the company is proving by hiring Marks how serious it is about growing with the channel. “It gives me a lot of confidence that this company is going to move forward,” Baker said.

deskope
Established: 2022
CEO: Slavik Markovich
According to the Los Altos, California-based startup, Deskscope offers a platform for customer identity and access management (CIAM) that is simple and highly flexible. Deskope’s platform aims to be easier to implement and use than competitors due to its low-code/no-code capabilities that provide a drag-and-drop method for managing identities and access permissions. In November, Deskope announced Launching its first formal channel program with the goal of recruiting more partners and accelerating the development of the company’s CIAM platform. Deskop’s current key partners include Irvine, CA-based Trace3, ranked No. 34 on CRN’s Solution Provider 500 for 2024, and Canonsburg, PA-based DeFi Security.

Andor Labs
Established: 2021
CEO: Varun Badhwar
Andor Labs’ goal is to enable a better way to secure the software supply chain, with a focus on identifying, prioritizing, and eliminating risks across the software development life cycle. There is a large emphasis on helping developers safely incorporate open-source software. Key milestones announced by Palo Alto, Calif.-based Endor in 2024 include the launch of a partnership with GuidePoint Security in May and the introduction of new capabilities in August that will help teams better prioritize software upgrades by providing details on the potential level of difficulty. Allows. Of implementing a certain upgrade.

island
Established: 2020
CEO: Mike Fay
Island Chromium offers a secure workplace-focused web browser built on the Island Enterprise Browser, which offers a range of capabilities to protect data and users automatically embedded within the browser. Capabilities include protection against web-based threats, conditional access controls, data loss prevention (DLP), and zero-trust network access to private apps. In April, Dallas-based Island disclosed raising a $175 million Series D funding round led by Coatue and Sequoia, bringing with it a $3 billion valuation. Island’s key partners include Trace3.

legitimate security
Established: 2020
CEO: Ronnie Fuchs
Legit Security provides an application security state management platform that aims to provide better visibility and security throughout the software development process, including offering a unified console for code and cloud security. In April, Boston-based Legit Security unveiled a partnership with Herndon, Virginia-based GuidePoint Security, No. 39 on CRN’s Solution Provider 500 for 2024. And in August, the startup debuted what it’s calling “the industry’s first AI security command center.” , which offers a dedicated dashboard for AI security.

reality protector
Established: 2021
CEO: Ben Coleman
According to the company, Reality Defender offers deepfake detection using a “multi-model” approach and hundreds of patented technologies to effectively detect deepfakes in images, video, audio, and text. The startup offers an API that allows organizations to upload large amounts of content and scale detection capabilities as needed.
In May, New York-based Reality Defender received the “Most Innovative Startup” award at the RSA conference Innovation Sandbox. And this fall, the startup also announced an investment from IT consulting giant Accenture, as well as a partnership with co-engineer A deepfake detection service that will be available from Accenture. “I believe there is nothing available yet in the market” that is comparable to what is being offered, said Paolo Dal Sin, global head for security at Accenture, No. 1 on CRN’s Solution Provider 500 for 2024. .

common sense
Established: 2021
CEO: Guy Guzner
Sevi aims to strengthen SaaS identity security through greater automation, including the company’s browser extension that provides direct guidance to users on resolving password and other account issues. In September, Tel Aviv, Israel-based Sevi launched new capabilities for user off-boarding that can help IT and security teams better prioritize user access removals.
Mark Jones, CEO of Blacklake Security, a solution provider partner of Sevi, said the startup’s offering provides solutions at scale. challenge In the area of ​​identity security for organizations. Sevi deploys quickly and “gives you a lot of visibility into your identities and the vulnerabilities that are out there,” said Jones, who is also the founder of Austin, Texas-based Blacklake Security, which is on CRN’s Solution Provider 500 for 2024. But is at number 221.

upwind protection
Established: 2022
CEO: Amiram Shachar
Upwind provides a comprehensive runtime cloud security platform that includes cloud workload protection and cloud detection and response, as well as CSPM (Cloud Security Posture Management), SIEM (Cloud Identity Entitlement Management), and other capabilities. The startup said the Upwind platform leverages the San Francisco-based company’s “lightweight” EBPF (Extended Berkeley Packet Filter) sensor technology to identify abnormal behavior and provide automated protection. Upwind’s key partners include Denver-based Optiv, No. 25 on CRN’s Solution Provider 500 for 2024.
In March, Upwind revealed that its offering is available as an add-on to Amazon Elastic Kubernetes Service (Amazon EKS), and in October, the company said it now offers automated discovery and classification of data flows involving sensitive information. Provides.

torque
Established: 2020
CEO: Ofer Smadari
Security “hyperautomation” startup Torque offers a no-code method to automate security operations activities. The platform increases security analyst productivity by completing many security operations center (SOC) tasks faster and more easily, and a major push for Torque is to displace “legacy” providers of SOAR (security orchestration, automation, and response) technology. Has been on. Ricardo Panez, president and COO of Torque partner Compuquip, based in Doral, Florida, told CRN that when it comes to “automating our tasks within our SoC,” [Torq] Light years ahead of other products.
In January, Tel Aviv, Israel-based Torque announced it had added $42 million in funding — which followed Announcement An additional $70 million Series C funding round in September was partly aimed at boosting investment in the channel.

‘Cyber ​​security and compliance is a team sport’

‘It’s not about fixing a solution,’ says Dave McKinnon, N-able VP and chief security officer. ‘It’s about working together as an ecosystem. Cybersecurity and compliance is a team sport. We need to collectively collaborate, share information and build resilience.

As the regulatory landscape for MSPs evolves, businesses are increasingly focused on building cyber resilience Instead of simply completing a compliance checklist.

Dave McKinnon, vice president and chief security officer of N-Able, said The target of the Burlington, Mass.-based vendor’s recent compliance initiative It is not just about complying with regulations like CMMC 2.0 or NIS2, but about creating a more robust and resilient cybersecurity environment for MSPs, their partners, and their end customers.
“The ultimate goal of these compliance frameworks is to build cyber resiliency, not just security,” MacKinnon told CRN. “When we look at regulations like CMMC or NIS2, they are all striving towards one thing, building a cyber-resilient ecosystem. This is about ensuring that businesses can react and recover quickly from cyber attacks, weather events or any other disruption with minimal impact.
One of the biggest challenges for MSPs is understanding how evolving compliance regulations, particularly CMMC 2.0, impact their operations. And any MSP is still unsure what their responsibilities are under these frameworks.

“We realized that many MSPs did not know how these rules applied to them,” he said. “Once the CMMC was finalized they were not sure what their customers expected or how they needed to transform their business. Some are well along with established programs, while others are just beginning to understand what these changes mean.
In response, N-Able has taken active steps to facilitate collaboration between MSPs, offering a collaboration center where partners can share best practices, ask questions, and learn from each other’s experiences. Can. The goal is to ease the compliance burden by creating a support network where MSPs can find resources and guidance from peers who have already faced similar challenges.
And N-Able is putting its money where its mouth is. This week, The vendor, Washington, DC-based Adlumin Inc. acquired, Which will allow N‑able to include security, integrated endpoint management and data protection solutions. Adlumin was acquired for at least $236 million, but the price could rise to $266 million if certain performance targets were met, the company said.
“This is not about dictating solutions,” MacKinnon said. “It’s about working together as an ecosystem. Cybersecurity and compliance is a team sport. We need to collectively collaborate, share information and build resilience.
With global regulations such as NIS2 in Europe, the compliance landscape for MSPs is not only complex but also diverse. To get ahead of this, N-Able launched a Global Compliance Advisory Council to bring together experts from different sectors to help MSPs meet various regulatory requirements.
Simon Beckett, director of UK-based MSP Dynacom IT Support Ltd, is pleased that N-Able is considering international compliance requirements and not just US-focused programs.
“UK-based Cyber ​​Essentials and CE Plus are gaining popularity among UK businesses, and although they include many of the same requirements as NIS2, the character of the rules is different,” he told CRN. “One characteristic of all these programs is that they are constantly evolving, so they will be less effective if they are treated merely as box-ticking exercises between annual renewals. Taking a more holistic approach and focusing on overall flexibility will make annual audits for compliance programs like NIS2 and CE much less painful.
Brent Yax, CEO of Troy, Michigan-based Avacom Technologies, said it feels like the “Wild West” when addressing security in the context of regulatory compliance.
“CMMC and NIS2 are becoming better defined, but there is still a lot of confusion over how it applies to MSPs and what spills over into our operations through our customers,” he told CRN.
He said what N-Able is doing will foster valuable conversations that can help the entire industry tackle these types of challenges.
“The idea is to make sure we’re not just looking at compliance from a U.S. perspective,” MacKinnon said. “Regulations are global, and each country has its own specific requirements. Our Council helps us understand these local challenges and ensure our solutions are adaptable and future-proof for MSPs around the world.
The Council also helps MSPs think beyond just compliance, encouraging them to consider how security frameworks like CMMC impact not only their current operations but their long-term business strategies.
“It’s important to understand your customers’ needs and make sure you know exactly what your compliance obligations are,” he says. “But at the same time, don’t think of compliance as the bottom line. It’s a journey.”

Apache-Juniper meets DOJ to block anti-trust ‘challenge’ to $14 billion deal: report

Harvey partners told CRN that they have already made significant sales efforts around the Apache-Juniper combination and that an antitrust challenge would put millions of dollars in potential networking and AI revenue gains at risk.

Representatives from Hewlett Packard Enterprise and Juniper Networks met with U.S. Department of Justice (DOJ) regulators last week to fend off an antitrust challenge. Harvey proposes $14 billion acquisition of JuniperAccording to Bloomberg news report.
According to Bloomberg’s report, DOJ officials “are prepared to challenge the deal if necessary and have made their concerns known to Apache and Juniper”, but no final decision has been made on whether or not to bring a lawsuit.
“Hewlett Packard Enterprise and Juniper Networks are working with regulators to obtain the necessary approvals for our proposed transaction and expect the deal to close in late 2024 or early 2025,” said VMware in a statement in response to the Bloomberg story. By then it will be completed.” “We believe the transaction will create significant benefits for customers and fundamentally change the dynamics of the networking sector for the better by fostering greater competition and innovation.”
[RELATED: HPE CEO On Juniper Merger, AI, Battling Cisco, And John Chambers’ Advice]
CRN also contacted Juniper Networks and the DOJ, but did not hear back by press time.
Bloomberg reported that a decision on whether to challenge the deal could be made as soon as this week. The media outlet also reported that Apache and Juniper “may opt to delay the deal until President-elect Donald Trump’s administration takes office in January in hopes of a more favorable outlook for the deal”.
CR Howdyshell, CEO of Fulcrum IT Partners company and top Apache and Aruba partner Advisex, said that if the deal is not completed it would cost his company “millions of dollars” in potential networking as a service and AI sales opportunities. Will come up with the Apache-Juniper deal.
“We already had an aggressive sales effort for next year based on the Apache Juniper acquisition,” Howdyshell said. “(HPE CEO) Antonio (Neri) has already announced that HPV is going to be a networking company. We believe that if this deal is not approved we will miss an important opportunity. This was a focused initiative for us for the next year. We have already started work on this.
Howdyshell said he sees the Cape-Juniper deal providing much-needed opportunities for the networking and AI markets. “I’m not sure what the thinking is behind a potential DOJ challenge,” he said.
Houdinishell said he expects Apache and Juniper to receive more favorable regulatory review from the incoming Trump administration.
“I would expect them to wait for the new administration to take office,” he said. “This is what makes sense. Now you have business people deciding at this point what is right for the business.”
Rob Schaeffer, president and chief revenue officer of E360, a top Apache partner based in Concord, Calif., ranked No. 128 on the 2024 CRN SP500, said he also would be disappointed if the Apache-Juniper deal does not receive regulatory approval. The potential networking and AI sales opportunities this will open up for the e360.
“I don’t know any details about why the DOJ would challenge this,” he said. “I don’t see how antitrust it would be, because there is significant competition in the networking sector, not only from Cisco, but also from other networking companies. Although the combination of Apache-Aruba and Juniper is very strong and interesting, I do not know whether it will have market dominance that would present any problems for the government.
Schaefer said he expected the deal to provide significant opportunities for e360, noting that networking is the largest part of the company’s business.
“We would like to see this deal move forward,” he said. “We were planning a significant sales effort around Apache-Aruba-Juniper for the new year.”
In a blog post last February, Neri said that the proposed $14 billion acquisition of Juniper Networks was intended to disrupt the networking “status quo” with a new modern AI-powered networking fabric.
Neri said in a blog post, “We are pursuing this acquisition because we believe that the combination of Apache and Juniper Networks will fundamentally change the networking industry – not by eliminating products from either portfolio – but by “By creating more options in this area.” He Addresses the potential competitive impact of the deal. “The incredible thing about a combination like this is that there are strong offerings on both sides and by bringing them together, we will increase value and flexibility for all of our customers.”
without direct separation rival ciscoNeri, which has maintained a dominant position in the networking industry since the mid-1990s, said the deal is in keeping with the current networking status quo.
“Our objective is to better solve customer challenges by integrating two of the most innovative and competitive organizations in the networking industry and disrupting the status quo,” Neri said. “Our combined business will create a new full-service networking company with a customer-focused approach to product development and a broad portfolio that will deliver value for our customers.”

The biggest news in devices, security

Windows 365 Link, security exposure management and a new post-CrowdStrike faulty update initiative are among the big announcements.

Microsoft’s Windows 365 links devices. Security exposure management is becoming generally available. And a new initiative to make improvements after a faulty CrowdStrike update in July.
These are some of the biggest device and security news coming from Microsoft’s Ignite 2024 event.
Ignite runs through Friday, with in-person and online programming in Chicago. Microsoft had registered more than 200,000 people for the event and was expecting more than 14,000 to attend in person.
[RELATED: Microsoft CEO: AI Provides ‘On-Ramp’ To Azure Data Services, Copilot Continues To Surge]

Microsoft Ignite 2024

Redmond, Wash. The based tech giant unveiled 80 new products and features in its product portfolio.
According to Microsoft, Windows 11 has seen a three-fold reduction in firmware attacks and almost three times fewer credential theft incidents compared to Windows 10.
During Ignite, Microsoft said that the controversial recall feature would be disabled by default for Copilot+ PCs. IT will enable this feature through new policies before employees opt in.
Microsoft Chairman and CEO Satya Nadella shared his enthusiasm for the vendor’s devices and security portfolio during the vendor’s recent quarterly earnings call.
“It’s about hybrid AI where the rebirth of the PC as the edge of AI is going to be one of the most exciting things for developers,” Nadella said on Microsoft’s Copilot+ PC.
Nadella said customers have used Defender to find and secure more than 750,000 GenAI app instances. They have used Parview to audit over 1 billion Copilot interactions to ensure they meet compliance obligations.
Here’s everything you need to know in security and device news from Ignite 2024.

In device news, Microsoft has previewed Windows 365 Link devices built for its Windows 365 cloud-based virtual machine service, with Link becoming generally available in April with a manufacturer’s suggested retail price of $349.
According to Microsoft, interested organizations in the US, UK, New Zealand, Japan, Germany, Canada, and Australia can apply for the preview program.
According to Microsoft, users can place Link on their desk, boot it up in seconds and perform local processing for Teams meetings, Webex by Cisco, and other high-fidelity experiences.
The Link supports dual 4K monitors, four USB ports, an audio port, an Ethernet port, Wi-Fi 6E, and Bluetooth 5.3.
The device has no local data, apps, or non-administrator users. Corporate data is safe in the Microsoft cloud. Security default policies are on by default. Users cannot turn off security features.
Users can leverage Microsoft Entra ID, Microsoft Authenticator app, or USB security key for passwordless login.
Microsoft Intune users can manage devices linked with other PCs. Links are configured in minutes and updated automatically when turned on for the first time. They are factory-reset in minutes for reusability.

Starting next year, Windows Insider Program members with Snapdragon-powered CoPilot+ PCs will have the ability to take advantage of their Neural Processing Units (NPUs) for better search with File Explorer, Windows Search, and Settings.
Users can find documents, photos, and other files without having to search for file names or exact file contents. They can describe content with synonyms, even text that may appear in an image. This feature will work even without internet connection.
Enhanced search will be coming to Windows 365 cloud PCs in the spring.

Microsoft Security Exposure Management goes to general availability

Microsoft has made its security exposure management experience generally available to practitioners assessing cyber threats.
Exposure management integrates disparate data silos for better attack surface visibility, assessing attack paths to assets and across devices, identities, apps, data, on-premises, hybrid and multi-cloud infrastructures. Provides context-based recommendations to improve security posture.
According to Microsoft, the tool has attack path analysis capabilities with modeling and blast radius estimation, as well as integrated insights that bring in currency data from other vendors.

Microsoft Purview Update

Microsoft updated its Purview data governance and compliance platform to include the general availability of Customer Lockbox, which provides data protection for Windows 365 with users in the approval workflow process, and Data Security Posture Management, as well as AI Provides DSPM for.
According to Microsoft, DSPM for AI should help IT administrators and data stewards find risks and prevent data oversharing, data leakage, and other incidents. The tool works on Copilot, custom apps built on Copilot Studio, and third-party apps like ChatGPT Enterprise by Microsoft-backed OpenAI.
The new Purview preview includes data loss prevention (DLP) for Microsoft 365 Copilot – aimed at ensuring that the content of sensitive documents is not abstracted by AI – and Azure Microsoft Rights Management-defined sensitivity labels for administrators Ability to extend Office files and PDFs to SharePoint document libraries comfortably.
By the end of the year, Purview will have a preview of embedded Security CoPilot capabilities, including DSPMs with AI-powered data estate risk insights in natural language and suggested prompts to guide users through investigations.
Other Security CoPilot capabilities entering preview are DLP policy understanding, eDiscovery case summaries, and a CoPilot-powered knowledge center.

Features after the CrowdStrike incident

During Ignite 2024, Microsoft introduced its Windows Resiliency Initiative, which is based on learnings from the global outage caused by CrowdStrike. faulty update In July.
According to Microsoft, the initiative also focuses on allowing more apps and users to run without administrator privileges, stronger controls for which apps and drivers can run, and better identity protection.
Quick Machine Recovery is a feature that will come to the Windows Insider Program in early 2025 thanks to this initiative. With this feature, IT administrators can target Windows Update fixes to PCs, even when the machines cannot boot and do not have physical access to the PC.
There are ways to build security products outside of kernel mode, coming as a private preview to the security product ecosystem in July. According to Microsoft, antivirus and other security products will have the ability to run in user mode, just like apps. This will provide better resiliency to Windows in the event of a crash or error.

windows security updates

Microsoft said it is addressing long-standing complaints about Windows security — over-privileged users and applications, unverified apps and drivers, and insecure credentials and authentication.
The preview has Administrator Security, a tool that has standard user permissions security by default. If a system change requires administrator rights, users are asked to authorize the change using Windows Hello. Windows creates a temporary separate administrator token that is destroyed after the task is completed.
According to Microsoft, the new AI capabilities for Smart App Control and App Control for Business attempt to make the tool easier to deploy. A signed and reputable policy template should allow millions of verified apps to run, regardless of deployment location.
And the Personal Data Encryption (PDE) layer now generally available for Windows Enterprise should add more security to personal user files on laptops that are now readable only with Windows Hello sign in. PDE also integrates with OneDrive and SharePoint and is manageable with Intune.

Windows CoPilot Runtime, Windows Subsystem for Linux

Microsoft has added new AI APIs and improved frameworks and tools to the Windows Copilot Runtime to help developers scale AI across devices.
APIs for image description, image super resolution, object erasure, and optical character recognition are coming in January.
According to Microsoft, Windows Subsystem for Linux (WSL) has added integration with Intune, which is now generally available, and Entra ID, which is now in private preview.
In the coming months, Microsoft will preview a new distribution architecture for WSL to better manage and optimize it with enterprise security policies.
A new preview of Hotpack for Windows gives users a way to download updates in the background and have the installation take effect without restarting the device.
The preview coming before 2026 for Windows Autopatch AI integration with Copilot in Intune means IT administrators can only access data within their permissions and Windows users can prepare for feature updates, ready devices, and other uses. Can get payload details between cases.
A now generally available configuration refresh feature is available to enforce mobile device management (MDM) security policies by returning a PC to a preferred configuration, avoiding configuration drift when users change the system registry. Refresh also works offline with device self-management locally.

Mixed Reality, Windows in the Modern Environment

Microsoft has a preview coming in December for Windows 11 in Meta Quest headsets, which allows users to take advantage of Windows for virtual meetings and high-resolution monitors.
Windows 11 Mixed Reality Access will debut with the Quest 3 and Quest 3S headsets.
The preview available now allows a shared mode for provisioning Windows 365 Frontline. This mode is for users who need brief access to ad-hoc tasks in a non-personalized Windows desktop environment. User data is deleted upon signoff.
Another preview is for Windows Apps Mobile Application Management (MAM) support for iOS and Android to define device security criteria and customized access.

Azure Chips, Infrastructure

At Ignite, Microsoft introduced its Azure Integrated Hardware Security Module (HSM) in-house cloud security chip.
Next year, Microsoft will begin installing HSM in every new server in its data centers for confidential and general-purpose workloads.
The vendor also showcased its first in-house data processing unit silicon, the Azure Boost DPU. According to Microsoft, the purpose of a DPU is to work on storage, networking, acceleration, and more. Future DPU-equipped servers should run cloud storage workloads at three times less power and four times the performance of existing servers.
A liquid cooling heat exchanger unit rack by Microsoft should support large-scale AI systems on Azure, including Microsoft’s Azure Maia. Microsoft can reinstall the unit in Azure data centers.
Microsoft and Meta have collaborated on a differentiated power rack design with 400-volt DC power for 35 percent more AI accelerators per server rack. The vendors are open-sourcing the specifications through the Open Compute Project.
Microsoft launches preview of Nvidia Blackwell GB200-powered Azure AI system. Azure ND GB200 V6 is the new AI-optimized virtual machine series powered by Nvidia GB200 superchips.

More infrastructure news

Microsoft has made Azure Local cloud-controlled, hybrid infrastructure platform and Windows Server 2025 generally available.
Local extends Azure services across distributed locations for mission-critical workloads and cloud-native applications and AI. Runs containers, servers, and Azure Virtual Desktop (AVD) on Microsoft-accredited hardware from Hewlett Packard Enterprise, Lenovo, Dell Technologies, and others for local custom latency, near-real-time data processing, and compliance.
Windows Server 2025 has a preview of hot-patching subscriptions for easier upgrades, improved security, and update installation with fewer restarts.
Microsoft also moved SQL Server 2025 to private preview. According to Microsoft, this database platform should simplify AI app development and RAG patterns.

InterVision CEO on AI Wins, Innovating with AWS and Cisco’s ‘Speed’

InterVision CEO Jonathan Lerner talks about building his MSP company with AWS, ‘racing’ to adopt Cisco innovation, and building an AI strategy that’s winning customers.

InterVision Systems is winning artificial intelligence deals thanks to tight partnerships AWS And cisco As the all-star MSP is incorporating AI and intelligent automation into almost everything the company does.
“We are working with the best AI BuildersBuilding the best tools, the best automation, embracing partners like Intervision with AWS to truly deliver a successful customer outcome – it’s all not just the technology, but how it happens. [AI] “Change and Impact Lives?” said Jonathan Lerner, President and CEO of Interview,
“We have woven aye And intelligent automation in all its forms – such as RPA [robotic process automation]Bots, etc.—in everything we do,” Lerner said. “We often think of ourselves as a product developer, really an organization of the offering company. It’s not about reselling other people’s things. It’s about weaving them into logical bundles of services and solutions.”

InterVision’s AWS and Cisco Partnership

Intervision is an AWS Premier Tier Services Partner and one of AWS’s leading midmarket partners in the US. The St. Louis-based company holds more than 125 AWS certifications, offers more than 250 professional services and is AWS accredited in seven disciplines.
[Related: Cisco, Pure Storage Invest In Nvidia-Backed Startup CoreWeave]
InterVision is also a Cisco Gold Provider and Cisco Gold Integrator Partner, with over two decades of collaboration with Cisco.
“The rate of innovation that we’re seeing, the actual enhancements in every version and release that they’re bringing out right now — it’s at clock speed of urgency as per the speed of the customer,” Lerner said. “Maybe in previous years, we might have asked for more. Now we are racing to adopt the innovation they are bringing to our solutions.”
Intervision ranks 94th on CRN’s 2024 Solution Provider 500 list as the MSP specialist continues to climb the ranks thanks to over 30 years of experience with a top-tier managed service offering portfolio.
Lerner, CEO of InterVision, has an IT career spanning more than 25 years working in top executive positions at SAP, Verint and ACI Worldwide.
In an interview with CRN, Lerner spoke about Intervision. AI strategyAWS joint innovation and Cisco momentum heading toward 2025.

Talk about Intervision’s AI strategy.
We have woven together AI and intelligent automation in all its forms – such as RPA [robotic process automation]Bots, etc. – in everything we do. We often think of ourselves as a product developer, actually an organizer of the company offering.
It’s not about reselling other people’s things. It is about weaving them into logical bundles of services and solutions.
We also do this under our own brand, our InterVision as-a-Service offering. For example, we have Ransomware Protection as-a-Service, and we bring market-leading technologies to MDR and XDR and GRC with our managed and professional services. We then serve them as results that are fully managed services for midmarket and enterprise. We wrap it up with AI and intelligent automation.
Our view is that our customers need to continue to embrace innovation, otherwise they will stagnate. So we help them with innovation around each of them.

Is the InterVision building offering on top of the AWS AI infrastructure or platform?
We have incorporated AI into each of our CoEs [Centers of Excellence]The concept of enhancing offerings and becoming a partner that evolves around the platform applies to how we help Amazon grow with its most successful feature to date, Amazon Connect.
It is a Contact Center as-a-Service (CCaaS) solution. It competes with Cisco or Five9 in the WebEx space.
We’ve organized other elements that extend the core engine of CCaaS, and we’ve built our own on top of that. We call it ConnectIV CX. Powered by Amazon Connect as the engine, but this is where Amazon has positioned its brand around SaaS rather than just storage and compute and AI. It’s augmented with AI, but it’s a customer outcome.
That’s why we’ve developed our own platform to organize an offering. And we bring it to market to enhance Amazon in AI, for example like chatbots and quick start: How do you get faster go-to-market and faster ROI and adoption? … Now it’s really a managed service offering that we can bring to market.
So we’ve done that on Amazon’s platform. It leverages AI, it leverages the core function of SaaS around CCaaS solutions. We’re managing some of the most complex Amazon Connect deployments on the planet right now.
We are adapting the customer experience, or in this case, the citizen experience, to the public sector. Embracing the agent experience, ‘How can we make agents more productive?’ Don’t necessarily replace them but enhance their ability to provide more service in multiple languages ​​by using some of Amazon’s AI.

How is Intervision leveraging GenAI to boost sales and customer adoption?
We look at it from two angles: automated or augmented.
It could just be GenAI. It can develop LLM [large language models] And you’re leveraging third-party platforms for how you introduce AI. But it could be as simple as leveraging RPA, and how we can bring automation to more repetitive, transformational journeys.
For example, how do we use technology to enhance the contact center: How do we keep agents happy? How do we provide them with data to be able to serve their customers, their patients, the citizens of the states where they live, predictively, provide them with information to know them better – their journey, their history, etc. .
To date, a lot of investment has been made to help customers develop use cases and determine the benefits of automation. Our advisory services start before that, it’s around data preparation and where does the data live? How do we actually prepare the data? We believe those discussions on the advisory side are really very important now.
We actually start from the advisory side on data preparation, building a data fabric or a data warehouse. What is the status of that data?

What are your thoughts on Cisco moving into 2025?
By placing infrastructure, security and cooperation under Jitu Patel. [executive vice president and chief product officer at Cisco] who reports directly [Chair and CEO] Chuck Robbins- We like that.
By putting these under one leader, we think it’s a big step toward really unifying those journeys all the way back to the customer.
Cisco has always been a great creator of technology and a great innovator. I think this is the next level for them to really articulate that vision in how they interact. It’s a very bold move combining those businesses. This makes Cisco an easy partner to understand that harmonious journey.
Other than that, the Splunk acquisition was fantastic. I mean, this is going to change the game for Cisco and its customers. We will be there to help them on their journey.
Cisco is certainly modernizing and moving forward rapidly and it’s becoming a very interesting partner for us.
The rate of innovation that we’re seeing, the actual enhancements in each version and release that they’re bringing out right now – it’s at the speed of the customer, at clock speed of urgency. In years past, we may have been asking for more. Now we are racing to adopt the innovation they are bringing to their solutions.

How do you like AWS CEO Matt Garman’s channel strategy so far (pictured)?
We are now able to have a voice, whether it’s decisions on the product road map and innovation that builders are creating or being part of how they see their growth in their markets.
If they want to grow dynamically, they need to have partners who are equally committed.
A key element of the type of partnership we’ve seen Matt and Ruba create at Amazon [Borno, vice president of worldwide channels and alliances] What we are looking for is what we call ‘a partner for life’.
We celebrate Partners for Life, Customers for Life and Employees for Life—that’s how we do it. They’re starting to understand that it’s a slightly different approach. So there’s a partner benefit that we always try to promote, that says, ‘Here’s how we’re different and better.’ We perform it really, really well.
We’ve seen Matt and Ruba look for a similar partnership. This not only helps us understand why you are the second name on the list but also helps us understand what is different and better about how you approach the market? Which clients do you represent? What’s the focus of your go-to-market coverage and your segmentation so that we can understand you and we can really fit you and promote you?

Presidio boosts ServiceNow business by purchasing majority stake in elite partner Contender Solutions

Presidio has made its second acquisition in a month with the purchase of ServiceNow elite partner Contender Solutions.

Channel Powerhouse Presidio has acquired Majority stake in one of ServiceNow’s top partners to boost $6 billion company service now Business, especially around software management services and implementation.
Presidio CEO Bob Cagnazzi (pictured) said the acquisition of Contender Solutions comes as technology leaders are looking to enterprise management services to automate processes that drive business results and more to drive innovation for customers. Provides time.
“We are excited that Contender is now part of Presidio to seamlessly support our customers.” ServiceNow Platform and drive results that drive their business success,” Cagnazzi said in a statement announcing the deal on Monday.
The acquisition comes just a month after Presidio purchased Internetwork Engineering in October to bolster the New York City-based company’s networking, data center and cybersecurity sales. Purchasing North Carolina-based Internetworks also helps Presidio be better positioned to serve customers in the Southeast region of the U.S.
[Related: Top 5 Tech Markets To Watch In 2025 As IT Spending Hits $5.7 Trillion]
Contender Solutions is based in Tampa, Florida, which will also promote of presidio Market presence in Southeastern US
The acquisitions come after private equity giant Clayton Dubilier & Rice (CD&R) bought Presidio in April.
Financial terms of the claimant settlement deal were not disclosed.

Who is Contender Solution?

Founded in 2012, Contender Solutions is an elite ServiceNow partner providing a range of IT services including consulting, operations, managed services and cyber security.
The company specializes in managed services and staff augmentation where Contender’s experts serve as an extension of the client’s in-house team.
Claimant provides practices for all stages of customer maturity, from software management to security operations, as well as helping clients develop innovative solutions aimed at boosting performance, efficiency and growth.
Overall, Contender will enhance Presidio’s ServiceNow software services and implementation offerings with the goal of better streamlining IT operations and increasing customer productivity.

ServiceNow Chairman and Contender CEO Weighs In

Tom Hannigan, President of the Americas at ServiceNow, said that together Presidio and Contender Solutions will help expand the adoption of the ServiceNow platform.
“Presidio has strong relationships with clients who turn to them for their IT operations experience, AI expertise and results-oriented approach,” Hannigan said in a statement.
Contender Solutions CEO Jason Beck said in a statement that the new combined company will grow together and add “value to Presidio’s entire customer base.”
“Joining Presidio is a great opportunity for us to expand the services and value we provide to our clients, and just as importantly, it is a cultural fit for our team,” said Beck.
Presidio ranks 21st in CRN’s 2024 solution provider 500 List.

Five companies that won this week

For the week ending November 8, CRN will take a look at companies that have brought their ‘A’ game to the channel, including Ingram Micro, CrowdStrike, Accenture, Cynomy and Nerdio.

Week ending November 8
Topping this week’s Cam to Win list is distributor Ingram Micro for its latest steps to help solution providers work with the distributor and expand their capabilities in cybersecurity and AI.
Cybersecurity company CrowdStrike for strategic acquisition in the SaaS security space and IT services giant Accenture for acquisition of consulting services firm Anaplan also feature in the list.
MSP-focused cybersecurity startup Cynomy has made a key executive appointment this week. And Nerdio is here to expand the capabilities of its management tools for Microsoft applications.

Ingram Micro launches Ultra, helping partners up their cybersecurity game
To help solution providers work with distributors and expand their capabilities in cybersecurity and AI, Ingram Micro outlined steps for distributors at this week’s Ingram Micro One conference to help them win. At the top of the list.
One was at the top of the list of announcements from the event Launch of Ingram Micro UltraA new platform that will utilize cutting-edge AI and a tailored rewards system that will transform distributor interactions with their channel partners and provide them with a highly personalized experience. Ultra is based on the Xvantage platform Ingram Micro launched two years ago.
Ingram Micro is also providing partners with new tools to help, expert guidance, and a list of verified cybersecurity vendors Enhance your cyber security practicesThe distributor is also providing training, special programs and strategic support to the partners which helps the partners Work with Microsoft Copilot,
“The future of business is about transforming relationships, not just transactions,” said the CEO of Ingram Micro. Paul Bay said during his keynote speech In front of approximately 2,500 solution providers at the event. He focused on how AI, automation and scalable solutions are adding value to solution providers while also giving them a competitive edge in the market.
Ingram Micro also Announced a multi-year strategic cooperation agreement With Amazon Web Services that will help drive business for AWS partners by leveraging the distributor’s resources and expertise.

CrowdStrike to promote Falcon platform with Adaptive Shield purchases
CrowdStrike made the list this week in a deal to acquire SaaS security startup Adaptive Shield to expand the capabilities of its Falcon platform.
CrowdStrike President Michael Sentonas said in a blog post that Purchase of Israel-based Adaptive Shield SaaS and artificial intelligence in security are vital to the company’s future and “an essential part of our cloud security approach.”
“Our acquisition of Adaptive Shield takes us another step closer to providing our customers with the best possible protection against modern cyber attacks with the Falcon platform,” he said.
Adaptive Shield provides comprehensive SaaS Security Posture Management (SSPM) capabilities. Its technology provides full visibility and governance of human and non-human identities and their permissions, rights, activity levels, and public data across more than 150 SaaS applications to strengthen identity security posture.

Accenture boosts Anaplan capabilities with Elasticyx purchase
Staying on the theme of strategic acquisitions, Accenture this week acquired consulting company Elasticyx to expand its expertise and services around Anaplan corporate performance management software.
with acquisition Accenture will bring its expertise to Anaplan’s financial planning, financial analysis, sales performance management and supply chain management capabilities.
Accenture has been an Anaplan partner for more than eight years and the IT services giant’s Anaplan practice already includes more than 700 Anaplan-certified professionals. Analytics, based in Irvine, California, has more than 60 Anaplan functional and technical professionals who will join Accenture Technology in North America.
“Given the potential to unlock business value and fuel total enterprise reinvention, the demand for connected enterprise planning is growing,” David Lakestein, senior managing director and head of Americas Technology at Accenture, said in a statement. “Elastic’s highly skilled talent, deep domain expertise and agile approach to implementation complements our broader digital capabilities and expands our ability to deliver integrated enterprise planning transformation for our clients that delivers better, faster insights and bottom line. provide value.”

Cynomy appoints security industry vet as CRO to drive growth of vCISO platform
On the personnel front, MSP-focused cybersecurity startup Cynomy joins this week’s list Hiring Ken MarxA veteran of the cybersecurity channel, as the company’s new Chief Revenue Officer.
In the role of CRO, Marks is now leading all go-to-market operations for Cynomy, which only operates a partner model and does not sell directly to customers. Sinomi’s channel leader, Roy Barnia, vice president of channel sales, now reports to Marks.
Cynomy has developed an automated vCISO platform designed to secure small and medium-sized enterprises, providing capabilities equivalent to a GRC (governance, risk and compliance) tool, as well as gap analysis and creates customized policies and develops prioritized remediation plans to ensure cyber security. Was addressed.
Marks, who was most recently at SentinelOne, told CRN that the move to Cynomy was driven by the opportunity to help protect smaller organizations as well as enable MSPs to grow their businesses. He described Cynomy’s platform as “purpose-built to help MSPs create a new revenue stream.”
“I now see tremendous opportunity for MSPs and MSSPs – not only to provide vCISO services to their customers, but [Cynomi] It also becomes the ‘tip of the spear,’” he said. “Then they can open up opportunities to help [customers] “They will be improved by selling other services and other products to help make up for any shortfalls those customers may have.”

Nerdio introduces new Microsoft Teams capabilities, pricing structure
Nerdio, developer of Microsoft cloud product management tools, is further expanding its capabilities across the Microsoft “Modern Work” portfolio by introducing a per-customer, per-tenant pricing structure to allow flat rates regardless of the number of users. Used to be.
The Chicago-based company is expanding beyond its specialties in Microsoft Azure and Azure Virtual Desktop (AVD) with new ways for MSPs to use Microsoft’s collaboration tool Temas, cloud storage service OneDrive, document manager SharePoint, and email product Nerdio Manager for Exchange Online. Provides.
“We’ll continue to focus heavily on desktop virtualization, which is our legacy, but we’re going to be just as great when it comes to allowing you to leverage the full power of Microsoft 365,” said Nerdio’s chief executive. said Joseph Landes, revenue officer and co-founder. “We’re building full capabilities to leverage a more in-depth set of Microsoft 365 tools.”
among new capabilities Nerdio has centralized management for settings, file storage, email, and compliance policies for Microsoft Teams, OneDrive, SharePoint, and Exchange Online. According to the vendor, the goal is better collaboration and data management for solution providers leveraging these Microsoft products.

Sophos-SecureWorks merger aims to bring ‘superior’ XDR to SMBs: CEO Joe Levy

According to Levy and Secureworks CEO Wendy Thomas, the $859 million deal seeks to enable MSPs to better identify and respond to smaller customers who are increasingly targeted by cyberattacks.

employed acquisition According to Sophos CEO Joe Levy, Sophos’ acquisition of extended detection and response specialist SecureWorks will accelerate the cybersecurity giant’s effort to bring better XDR capabilities to protect frequently targeted SMBs.
Even with the addition of enterprise-oriented SecureWorks capabilities, “we’re going to maintain our focus on SMBs and midmarket, because we think they’re the ones that need better types of offerings the most,” Levy said in an interview.
[Related: Sophos-Secureworks Merger: 5 Big Partner Takeaways]
Levy and SecureWorks CEO Wendy Thomas spoke to CRN last week after the announcement of an $859 million deal between Sophos, owned by private equity firm Thoma Bravo, and SecureWorks, the majority owner of Dell Technologies.
According to Levy, the proposed acquisition will undoubtedly be one of the largest investments in SMB security in recent years, and importantly will also mean massive new opportunities for partners, including MSPs.
The focus on meeting the needs of partners “will be fundamental in the way we bring these companies together,” said Levy, a Sophos veteran who was named the company’s acting CEO and permanent CEO in February. in may,
Thomas said the goal of the merger is to create a combined company that can become an even stronger player in the fight against cybercriminals targeting SMBs and midmarket organizations.
“I think when you bring together two significant players with technology and the best managed detection and response services, you are able to bring enterprise-grade security outcomes that become accessible to the market at an affordable price – And ease of implementation – that changes the industry,” he said.
Officials said that while there is no doubt that SecureWorks XDR capabilities will be leveraged to enhance the Sophos security platform, integration is still being determined and whether SecureWorks will also be offered as a standalone platform. Will continue.
A rapidly growing category in cybersecurity, Is.

‘A more complete offering’

Executives at Sophos’ solution provider partners told CRN they are optimistic about the potential of the deal, saying it should make Sophos more competitive in the XDR and MDR markets, while making advanced security more accessible to smaller customers. .
To date, while Sophos has a broad portfolio of security offerings, the company does not have a full set of detection and response capabilities beyond the endpoint, the partners said.
However, assuming the Secureworks deal closes, “Sophos now has a more complete offering,” said Jason Norred, CISO at Littleton, Colo.-based Sophos Partner, Solutions II.
“Sophos teaming up with Secureworks allows them to do full-stack endpoint and MDR, and capture the rest of the organization’s security logs and do full XDR response capabilities,” Nored said. “I think it would be a compelling offer.”
The acquisition “definitely does [Sophos] More competitive,” he said. “This gives them a seat at the table.”
According to NORED, given the massive threat posed against SMBs, investment in bringing more XDR capabilities to small businesses is extremely welcome. “SMB organizations are in dire need of help,” he said.
Ultimately, “I think Sophos-SecureWorks is well-positioned to have a go-to-market offering that’s kind of an all-in-one solution that really helps SMBs enhance their security program at an affordable entry point.” Allows,” Norred said.

‘head on’ competition

Other Sophos partners who spoke with CRN agreed, including Michel Drolet, founder and CEO of TowerWall, a provider of solutions and professional services for security based in Framingham, Mass. Drolet said there is no doubt that the acquisition puts Sophos in a position to compete “more generally.” With more players in the MDR market, however, much depends on integration and pricing models.
Still, many existing MDR providers are “a little expensive for the SMB play,” which could give Sophos a big advantage if it can keep its expanded MDR offering affordable for smaller customers, she said.
Tyler Rasmussen, vice president of cybersecurity at Executech, a Salt Lake City-based Sophos MSP partner, also praised the planned acquisition of Secureworks by Sophos, calling it a “very positive and encouraging sign.”
The deal “confirms their commitment to investing in and continuing to improve their XDR and MDR services – which are now absolute requirements for SMBs,” Rasmussen said.
Speaking with CRN, Levy said a key aspect of the opportunity ahead is that the combined company brings an “improved” model when it comes to security operations – one that truly integrates XDR and SIEM (security information and event )’s arrangement to “accelerate convergence”.
“Certainly, the technology that SecureWorks has built into its Tagis platform has tremendous value,” he said. “I’m very excited about the added value that we’re going to be able to provide to our customers.”

Vulnerability detection, threat detection

Some specific areas cited by Levy include SecureWorks’ vulnerability detection and response capabilities — which “we know is going to be very valuable to our customers,” he said.
Levy also pointed to the identity threat detection and response (ITDR) offering from SecureWorks, which will enhance Sophos’ existing ITDR capabilities in the Microsoft ecosystem.
“The ITDR capabilities that SecureWorks has built are ahead of most other security offerings we have seen in this space. So there’s incredible value there,” he said.
Both CEOs emphasized the partner-first mindset of each of their companies, suggesting this bodes well for the integration of channel programs once the deal closes.

‘Turning the tide’ against hackers

Thomas, who helped oversee Secureworks’ transition from an MSSP to a security vendor focused on XDR, said the company was also really inspired by Sophos’ commitment to partners.
“Sophos has a really great reputation in the partner ecosystem,” he said, adding that the company had learned early on that “the example we should emulate is the Sophos partner approach.”
Levy said he believes the combined company’s relationship with MSPs will be “key to really turning the corner for us” in SMBs’ fight against threat actors.
Overall, “I think we have a really powerful opportunity in how we’re going to bring these two entities together,” Levy said.