RocketCyber sees huge potential in new app to let MSPs manage Windows Defender

RocketCyber has added Defender Manager to its SMB-focused security platform for MSPs, and will also be introducing new AI and machine learning capabilities across their portfolio.

Billy Austin, RocketCyber co-founder and President

Dallas-based RocketCyber, which makes a threat monitoring platform for MSPs, has announced the general availability of Defender Manager, a significant new app. It provides multi-tenanted command-and-control for the Microsoft’s Defender security solution.

RocketCyber emerged from stealth last fall at the ConnectWise Connect event, with a platform of apps available to MSPs at a differentiated cost. They announced the platform’s general availability in January.

“We have been growing well, and are now up to a couple hundred MSPs,” said Billy Austin, RocketCyber’s President and one of their two co-founders. Austin and co-founder Carl Banzhof, the CEO, are on their third company together. Citadel Security, which made security compliance software, was acquired by McAfee in 2006. iScan Online made an automated risk intelligence solution and was acquired in early 2016 by LOGICnow, which in turn was acquired soon after by SolarWinds.

RocketCyber, unlike the two founders’ first two companies, which were enterprise in focus, is aimed at the SMB space. The platform is designed to provide MSPs with differentiated services that go beyond the usual firewall and endpoint protection. Defender Manager is the sixteenth app so far, with many more still in development. All are designed in-house.

“Quite a few people have been asking for this Defender app,” Austin said. “The issue is created because Defender is installed natively in the Windows OS. In the small business space, you have a lot of people with it enabled, who do not have it managed. So when MSPs come in there, there has been no way that they can easily manage them. Defender Manager leverages our system to give the MSP command and control over Defender.”

Austin said that this is of growing importance to MSPs, because unlike Microsoft’s early attempts at security, which were so ineffectual that they birthed the third-party endpoint vendors, Defender is an extremely strong product.

“It’s doing very well on reviews compared to traditional AV vendors,” he stated. Robert Boles of BLOKWORX, an MSP cited in our press release, has been using Deep Instinct for his primary defense, and has been using our threat hunting and other capabilities to monitor what slips past that. But he is now enabling and using Defender because it provides additional functionality and protection of attack surfaces. Defender has also added machine learning and AI, so while everything can eventually be broken into, it has been very hard to circumvent.”

As a result, many MSPs are now using Defender not as a backup to a third-party solution, but as the primary solution – which makes its management all the more important.

“We have many other MSP customers who are ripping out their primary endpoint defense and replacing it with Defender,” Austin said. “We anticipate more of that than using it as a secondary layer. We think it will eat up a lot of the market.”

Some long-time favorites in the MSP space are vulnerable, Austin said, for different reasons.

“Webroot has been having issues since their acquisition by Carbonite,” he noted. “I was always a fan of Webroot before they were acquired, and I’ve followed carefully what Carbonite’s management has been doing, and it seems like they are making good moves, but for whatever reason, many in the channel have a bad perception of them. Similarly, we have two large MSPs that have been using Symantec, but they are migrating off it because of the issues that the company has been having.”

What Austin calls calls the ASCII market – small MSPs – is heavily weighted to Webroot and BitDefender. Above that, MSPs are all over the place, with an enormous number of providers.

In addition to the new app for Defender, RocketCyber has quietly indicated that RocketCyber will be adding new AI and machine learning capabilities to this and other apps.

“These are features that all our apps will be leveraging,” Austin said. “It involves the kind of functionality you get from vendors like Cylance, and will beef up both our threat monitoring and Defender Manager. It will be like putting golden earrings on Defender.”