Infocyte adds a Microsoft 365 protection solution to their platform to fill what partners had said was the biggest gap in the need for a solution that was both effective and easy to use.
Austin-based cybersecurity vendor Infocyte has announced availability of their Microsoft 365 Security Module, a solution designed to protect midmarket customers against credential theft and other types of breaches that are problematic in Microsoft environments. Infocyte says that the solution is the easiest in the market to operate, a key factor because a common problem in today’s Microsoft environments is not the lack of available protection, but the ability of many customers to configure and monitor the environments optimally.
Infocyte provides endpoint detection and incident response capabilities modelled around techniques that the former U.S. Air Force cybersecurity team founders used to deal with state sponsored and sophisticated attacks.
“Our vision was to provide the tools to respond to endpoint-based threats and responsibilities,” said Curtis Hutcheson, Infocyte’s CEO. “The platform has evolved substantially since its inception, with hundreds of partners, of whom about 100 can be termed active ones. Our biggest partner continues to be Check Point, then AT&T, PWC and independent partners. Carbon Black and Crowdstrike are our main competitors.”
The percentage of business that goes though partners has increased since Hutcheson was named CEO three years ago. Then it was about three-quarters channel, and today that percentage is over 90%.
“Some customers insist on us monitoring them directly, but leads all originate with partners,” Hutcheson said. “We have been consistent with moving to a partner- led Go-To-Market. We had made that decision at the beginning, but we hadn’t executed on all of it.”
The Microsoft 365 Security Module is designed to provide partners with a tool to address a huge problem in the market.
“Solorigate [the SolarWinds breach] proved that the entry vector is not the biggest risk,” said John Norden, chief security officer and vice president of engineering at Infocyte. “The greater danger is attackers getting credentialled access to Microsoft 365. Our Partner Advisory Board said that this was their number one gap. You have to protect endpoints and monitor them and also be prepared for social engineering to acquire customer credentials. We are combining our endpoint capabilities with the most important capabilities needed to protect the Azure world. That’s what this is about. It’s not having additional layers of security that matters, but proper securing of what you have and constantly monitoring it for drift.”
The module adds Microsoft 365 to the Infocyte platform to provide a simple-to use solution against phishing, credential theft and other misconfiguration actions.
“MSSPs have developed some scripting and some level of automation, but there aren’t a lot of simple solutions,” said John Norden, Head of Engineering at Infocyte. “A challenge with many of the tools out there is that they have to be deployed in non-SaaS based environments. As a result, a lot of partners do this manually or through PowerShell, and it can take 3-5 days. Our focus is on midmarket customers, and we are trying to make this more accessible and easier for them to do. We leverage API in way that’s the simplest in the market. There’s nothing to deploy in your environment. You can start in five minutes.”
Hutcheson said that the effectiveness and simplicity of the solution in exposing risk in Microsoft 365 environments has generated considerable enthusiasm among partners.
“So far, we have done 30 different partner previews, and the response has been 100% positive,” he stated. “Many partners see it as an important pre-sales capability. We expect over 90% of the partner base will use this. We also expect it will pick up new partners for us. Microsoft 365 is a much larger unmet need than endpoint. There are a lot of ways to skin endpoint, but not a lot that do Microsoft 365 like this.”
Infocyte’s Microsoft 365 Security Module is sold as an option within the platform.
“It’s a module on the platform, where the customer pays to turn it on,” Hutcheson said.
Hutcheson also noted that some significant enhancements are coming to the module that weren’t quite ready at launch.
“Today, we are just doing manual alerting , but real-time alerting will be coming later in March,” Hutcheson said. “It can be monitored by us, or by the partner and customer directly. April will include real time monitoring report generation.”