SOC-as-a-service vendor Arctic Wolf announces PSA integration with ConnectWise Manage

Arctic Wolf has broadened out its channel strategy to place a new emphasis on MSPs, and sees the ConnectWise integration as a key step in executing that.

Arctic Wolf’s SOC

Sunnyvale CA-based Arctic Wolf has been offering its turnkey Security Operations Center[SOC]-as-a-Service — AWN CyberSOC – since early 2015. They have now broadened its go-to-market, announcing AWN CyberSOC’s integration with ConnectWise Manage, their first such integration. They will also be demonstrating the integration at the ConnectWise ITNation event this week in Orlando.

At first, Arctic Wolf sold its SOC-as-a-Service direct, targeting small and midsized companies who have all the security challenges of larger companies, but not the budget for a SOC of their own. They target companies in the 200-2000 employee range, with 400-800 being their true sweet spot. This is primarily a channel market, and the intent was always to take the offering there, once Arctic Wolf had established that people would buy it. They began building out their channel in early 2016.

Initially, MSPs were not the primary focus. The original objective was to recruit solution provider partners, and keep the channel relatively select, with only a few large national and international partners, and a couple regional ones in every major location in the U.S. and Canada.

“Since then, there has been a bit of a shift in strategy,” said Young-Sae Song, Arctic Wolf’s VP of Marketing. “We were then at the beginning stages of our channel program. We came to realize that our partners fell into three camps.”

Partners who sold to larger customers tended to not be a great fit – because they would be likely to have developed similar offerings of their own.

“They already had services they were selling to enterprises, which overlapped with ours,” Song said. “We think our approach is better, but they had already made the investment to develop their own business in the area.”

A second group, VARs that serviced smaller enterprises and mid-market customers, got better results.

“This group services companies that can’t afford to have a dedicated security team internally, but these VARs, unlike the larger ones, didn’t have the teams to build out an internal capability of their own,” Song said. “So we found that that was a great fit, and we got a lot of traction there.”

MSSPs and MSPs are the third group.

“We found we kept running into smaller partners – MSPs and MSSPs – who served even smaller companies that faced the same issues,” Song said. “We started working with a couple here and there, and concluded there was an unmet demand. We then began to make a strong effort to sign up MSP partners.”

At this point, they have more than 50 reseller partners and 35 MSPs.

With the increased focus on MSPs, working with the companies who service the MSPs was a natural extension. Song said ConnectWise was also a natural place for Arctic Wolf to make their first integration.

“80 per cent of MSPs we worked with asked us for this integration,” he said. “Not having these integrations hasn’t held us back from signing up partners, but we think that having them will really accelerate adoption of security services across MSP partners.”

Arctic Wolf does have other PSA and RMM providers on the roadmap, Song indicated.

The integration automates the notification and assignment of ticketed security incidents to ConnectWise Manage.

“By the time AWN CyberSOC actually gives the notification to the MSP, we will have identified the threat, analyzed how much damage has been done, and given recommendations how to remediate that threat,” Song said. “It’s meant to be an actionable notice, not a general alert, which tend to be noisy or useless.”

Song said that it doesn’t take much work to get MSPs to understand SOC-as-a-Service’s value to their business.

“They get it pretty quickly, and it has been very easy to explain it to them and get them to see its value,” he said. “Criminals today hack across multiple points, not just Windows machines or firewalls. That’s what a SOCaaS does – looks at the entire attack service and gives a full picture of threats. Most importantly, it identifies the ones that been successful, and how to address them.”