The Securonix partnership broadens Cylance’s deep roster of SIEM relationships, but the one with Thycotic around Privilege Account Management is a first for Cylance.

Cybersecurity vendor Cylance has announced a pair of new strategic relationships, with Privilege Account Management [PAM] provider Thycotic, and with next-gen SIEM vendor Securonix. Both are technical integrations which add Cylance’s capabilities to the partner’s interface through a single pane of glass. Both relationships also have go-to-market components, which will be of interest to the partners who do the vast majority of Cylance’s deals.

“We are a channel first company, and transact almost exclusively through partners,” said Didi Dayton, Cylance’s VP of worldwide channels and alliances. “It has produced a wave of loyalty, the likes of which I’ve never seen. Partners like our technology because it is multi-tenanted solution and supports building managed services. Because it is AI-based, it supports all the operating systems. We are also good at covering offline solutions and ones that have not been patched, because we put a protective shell around the OS and check everything going in with AI. Our mission is to give IT security their nights, weekends and holidays back – that’s when most attacks tend to take place.

Cylance pretty much covers the entire market. They started in the very large enterprise, with up to 400,000 seats, and have steadily moved downmarket as well. They recently introduced their first consumer product.  Their channel measures in the hundreds, and they continue to increase that each quarter.

“We have traditionally sold into the security channel and we have added infrastructure partners, some of whom acquired security companies, so that we now have a blend of partner types,” Dayton said. “We are also strong among MSPs, especially MSSPs.”

Cylance’s network of strategic alliances, managed through their Axiom Alliance Program, is a critical part of Cylance’s strategy.

“Axiom is a fundamental part of our long term strategy,” Dayton said. “Customers can’t keep up with the volume of alerts, and there aren’t enough security practitioners available, so we augment human capabilities with tools and AI-based solutions. Our strategic partners enhance this with a portfolio of best of breed, cloud-focused, and preferably AI-based technologies. We also get a lot of feedback on best practices from them.

The integration with PAM vendor Thycotic validates the compatibility of CylancePROTECT with Thycotic Privilege Manager.

“This is our first PAM partnership,” Dayton said. “With some common types of vendors, like SIEMS, we have many partnerships, but with more specialized areas, we tend to limit it to one or two.”

Dayton said that this integration is aimed at enterprise customers. It lets security admins view CylancePROTECT threat scores from the Privilege Manager dashboard, and initiate appropriate coordinated, enterprise-wide responses.

“It allows Thycotic’s solution to leverage our convictions in real-time,” she stated. “Privilege Manager will verify the reputation of an application before executing it, and depending on our threat scores, can either execute or blacklist it. Traditional AV just focuses on known bad, but we are broader than that, and can tell both known good, known bad, and anomalies to the known good. It gives the customer much greater depth in reporting.”

There is also a go-to-market component to the partnership.

“It is very much a ‘meet in the channel’ thing,” Dayton said. “It’s about sales alignment. We will go after shared accounts together and make introductions on either side. We use the Axiom program to drive a partner-led go-to-market strategy with incents to go after the shared customer base, and bonuses for selling the portfolio rather than just a single solution.”

Cylance’s integration with next-gen SIEM provider Securonix support the interoperability of CylancePROTECT with the new release of the Securonix Security Analytics Platform. Together, they give SOC teams a single-pane view of both cloud and endpoint security events through the Securonix dashboard, as well as continuous protection and prevention capabilities.

“We look at SIEM integrations from the vantage point of a customer,” Dayton said. “Many have issues with so many alerts coming in. This integration gives them the ability to preanalyze data, enrich it, and contextualize it – with a level of accuracy based on our conviction. It removes a whole layer of SOC specialists’ tasks. It also prevents lateral movement that would traditionally be more of an EDR [Endpoint Detection and Response’ solution. Cylance can lock down systems in ways other traditional security can’t.”

There is also a meet-in-the channel go-to-market play with Securonix

“We have developed a number of videos and other tools for partners to have talking points,” Dayton said.