RapidFire Tools rebrands upgraded internal threat detection tool as Cyber Hawk to help MSPs sell higher value services

RapidFire Tools has refocused and rebranded their Detector software appliance to better leverage its strengths for MSPs, which involve their being able to use it as the foundation of a higher-margin security practice.

Mike Mittel, RapidFire Tools’ CEO

A year ago, RapidFire Tools unveiled their Detector SDS internal threat detection and alerting tool. Now, a year later, they are rebranding it as Cyber Hawk, while also adding some new functionality. The name change doesn’t reflect the new capabilities, but rather the desire to better emphasize what the product does, and the differentiated and higher value services it allows MSPs to offer customers.

RapidFire Tools’ core offerings, sold through a large channel of partners, are the Network Detective tools, which cover General Networking, IT Security, SQL Server and Exchange. They also offer a pair of compliance modes and three software appliances, one of which has been Detector.

“In the short time since we introduced Detector, the product itself has evolved very quickly,” said Mike Mittel, RapidFire Tools’ CEO. “All our products use the same underlying technology, which involves the quick scanning of a network to pick up lots of data points and then massage them into meaningful information. Everything used to be marketed around the Network Detective brand, but its output is reports, which are of value to the MSP to show their value, for prospecting and to close business. However, with this newer product, the output is ALERTS. The products have fundamentally different values.”

The value of the product now called Cyber Hawk is also significantly higher to MSPs.

“It allows the MSP to offer a higher level of security service, which they can charge much more for,” Mittel said. “The Cyber Hawk name better speaks to the value proposition. There was also some confusion with the similarity of the names Detector and Network Detective. Cyber Hawk is simply better branding.”

Rapidfire Tools has done more than rebrand the product however, making changes to better help MSPs leverage its value.

“When we first came out with it, it was an appliance detecting incidents behind the firewall,” Mittel said. “We soon realized that the big value to the MSP wasn’t in the technology, but in the ability to sell it to their customers and then support it properly. This realization that the MSP could use this as the foundation for a security service led us to build in a lot of features that have nothing to do with the appliance technology itself, but for services around it. We needed to help the MSP sell and support it more effectively.”

Thus, while the appliance initially performed an automated scan for insider threats and generated email alerts to the MSP for action, Rapidfire Tools soon moved to allow MSPs to direct a portion of those alerts directly to the clients, with built-in “action links” directing the MSP to investigate the suspicious alerts, or ignore the alert if the threat was a known and allowable exception to the client’s policies.  Each appliance could also be custom-configured with “Smart Tags” to precisely represent each client’s specific network policies. Over the last year, the company has also added in four pre-configured service plans for MSPs.

“These service plans are still evolving, and some are templates that MSPs can modify to their liking,” Mittel said. “They allow MSPs to offer different level of security services, catalogue them and explain them to clients. Typically, they roll out lower level of security for less price and then later upsell to higher levels of security.”

Two new enhancements have been made to Cyber Hawk co-incident with the rebranding.

“We have added a Smart Recommendation system that provides more detail on threats and how to best remediate them,” Mittel said. “The MSP can now do everything in a single pane of glass. The product also provides much more specific recommendations than before, that allows the MSP to solve problems – whether around things like patching or anomalous user behavior. It cuts down significantly on the MSP workload.”

Weekly and monthly Incident Recaps have also been added.

“This is a net-new capability,” Mittel indicated. “Network Detective does reporting, but it provides a very different kind of report, which is all about management plans and documentation. The Cyber Hawk reports are client-facing. They are designed to keep an audit log of all the things that Cyber Hawk has found. It gives the customer some visibility into the importance of the security appliance. It also identifies issues that the system could have detected if the customer was in a higher-level plan from the MSP. The MSP can then use those reports to upsell.”