SIEM-at-the-Edge, which combines SIEM and managed detection and response, and Breach Detection Service, which is just the SIEM, are seen as ideal channel offerings as Netsurion looks to build up its partner ecosystem.

Ft. Lauderdale-based managed security service provider Netsurion has announced two new threat detection services, SIEM-at-the-Edge and Breach Detection Service. The new offerings leverage the SIEM [security information and event management] technology that Netsurion acquired last fall with EventTracker. This both adds SIEM capabilities to Netsurion’s MDR [managed detection and response] capabilities, and expands EventTracker’s technology beyond its traditional market into the multi-location market space of franchisees and branch stores. They also offer new opportunities for Netsurion’s channel, which has had less importance in the last two years than formerly, but which is a natural fit for these services.

Netsurion has been around for almost 25 years, although the name is much more recent, having been rebranded from VendorSafe Technologies in 2015. The new name was part of the changes implemented when private equity firm Providence Strategic Growth acquired the company, changes which also saw a significant capital infusion.

“We sell cloud-managed firewall services across North America, with a strong focus on franchise and multi-location organizations, like restaurants, retail, hotels, moving companies and gyms,” said Kevin Watson, Netsurion’s CEO. “Our sweet spot is companies which have a good central IT infrastructure, but where security at individual locations can be minimal to non-existent. That’s where we come into play – protecting those individual locations.” Burger King, Dairy Queen, Applebee’s and Holiday Inn are among their lighthouse customers, and typical, Watson said, of the kind of companies Netsurion does business with.

“Our managed firewall services cover SMB, but also companies like Burger King,” he said. “On one hand, they are a Fortune 1000 company. But in terms of the way they are structured, with most of the company in small distributed locations, it’s more SMB.”

The company they acquired, EventTracker, was a 10 year old SIEM services company.

“They had been targeting mid-size enterprise – banks, insurance companies, utilities, and health care – a very different market from us, more upstream, although there is some overlap,” Watson stated. “So for them, the attraction was the ability to expand into a new market. Addressing the franchise market is not an easy thing to do. We have done that from a sales, marketing and customer service perspective, dealing with thousands of locations who want to be treated as unique entities. The Providence equity backing also gave them the capital to grow their capabilities. It enabled them to scale, giving them the ability to triple their sales team within six months.”

Watson said the acquisition was prompted by changes in the nature of security threats to their multi-location market.

“A year and a half ago, we started to notice a troubling trend in managed services for franchises,” he said. “Before that, you saw phishing affecting small numbers of stores. That began to change. Last year, there were more significant breaches through third parties that had access to large numbers of locations. This circumvented the firewall and anti-virus protections in place. Enterprises use SIEM technology for things that get past the endpoints, but SIEMs are expensive and can be difficult to manage. EventTracker also saw this problem and were looking for ways to address that. So we decided it made sense to put the two businesses together.” EventTracker is now a separate division of Netsurion.

SIEM-at-the-Edge and the Breach Detection Service are the first fruits of this partnership.

“With these, for the first time we are launching a combined product where we take this SIEM technology and offer it to our franchise types of buyers,” Watson said. “It’s new technology, delivered on a managed basis, which complement firewall and anti-virus solutions.”

SIEM-at-the-Edge includes both the SIEM capabilities and MDR abilities.

“It’s unique in this ability to not only have SIEM but also MDR,” Watson said. “This means, for example, that it doesn’t just alert the customer to an employee plugging in a USB drive. It also can shut it down before the data is transferred. That capability is critical for this customer base. A good mid-size company will have someone from the IT department who can be called at 2 am if there’s a problem. Franchisees and SMBs don’t have anyone to call, so having the ability to take proactive steps to prevent harm in real-time is key.”

The Breach Detection Service is aimed at the same market, but only has the SIEM capabilities.

“It is SIEM-at-the-Edge ‘lite,’ similar tech but without the MDR, which provides purely automated alerting for our market,” Watson said. “It comes at a lower price point, and is for companies that are more cost conscious. It lets them mitigate the threat within hours – as opposed to not knowing about it.” Breach Detection Service starts at $10 per month per location, compared to $20 per month per location for SIEM-at-the-Edge.

Watson sees the new services as likely to help reinvigorate Netsurion’s channel, which has become proportionately less significant since Providence’s capital increased the size of the direct sales force.

“We have been doing channel for many years, and had been generating close to 30 per cent of our revenue through partners,” he indicated. “When Providence grew the direct sales size of the business, the channel shrunk to 10 per cent, through close to 20 partners. We would like to grow that back up again. It hasn’t been the primary focus for the last couple of years, but we will be putting more emphasis on that going forwards. These services make a lot of sense for partners and potential new partners, because they resonate with providers of a whole host of services.”