Datto looks to bring EDR and MDR to smaller SMBs through their MSPs with Infocyte acquisition

Datto had some degree of both EDR and MDR available before, mainly through packages available through their RMM, but they believe that the integration of these technologies into their platform will take their security to another level.

Ryan Weeks, Datto’s CISO

Datto has acquired Austin-based threat detection and response company Infocyte, believing that their technology will be a major boost to their overall security capabilities and that it will resonate with smaller SMBs and their MSPs, a market which Infocyte had not targeted in the past.

Datto had some capabilities in EDR and MDR before this, but they were limited.

“On endpoint security, we had capabilities from the RMM solution in terms of environmental assessment and pathing,” said Ryan Weeks, Datto’s CISO. “Last year we introduced ransomware detection, which is similar to EDR – but we didn’t have anything beyond the RMM. And you would have to bring that to the RMM. So in terms of EDR, this is a pretty substantial addition to our endpoint protection.”

Weeks said that Infocyte’s EDT is one of the better ones out there.

“It is a solution with a highly effective capability that has a strong ability to be integrated with our platform,” he noted “Infocyte also has a strong pedigree of talent. Their team has great ideas about what they want to do with the product and we can help them bring that to the market more quickly.”

Infocyte has been emphasizing their MDR capabilities, and Weeks said that while this kind of threat hunting capability has been slower to move into MSPs serving the SMB market – who are most of Datto’s customers – the company believes that time for expansion into this market has arrived.

“MSPs know that the ability to attract and keep SOC talent of their own is difficult,” Weeks said. “MSPs have been using EDR for a couple of years now, and are starting to understand the value of MDR on top of EDR.”

Datto has offered RMM capabilities before, but once again, it would be something that needed to be brought into and available through their RMM.

“Before, we would deliver threat hunting packages to customers through those component packages in our RMM,” Weeks indicated.

Weeks indicated that this acquisition was the result of a fairly long process.

“We’ve been looking at various different security capabilities for a while, and we were very patient, looking for one that we think we can really deliver an extraordinary experience with,” he said. “This one had great technology, very smart people. We’ve been really patient as opposed to some competitors who gobble things up to be quick to market.”

Weeks also contrasted the roadmap plans for Infocyte within Datto with the way their competitors typically integrate new technology. Many – actually almost all of them – keep most of the acquired products separate, to make it easier to sell them to MSPs who do not use the company’s RMM or PSA.

“The way we tend to approach all acquisitions is that they become 100% part of Datto, rather to set them up as separate business units,” Weeks said. “We see this as a platform solution, not as a point solution.”

Infocyte and its channel partners have traditionally sold into the top end of the SMB and to the midmarket, while Datto also covers the lower parts of the SMB as well, where many MSPs operate. Weeks said that they see the technology as being highly relevant to smaller SMBs and the MSPs who serve them.

“Infocyte and ourselves both see how this could be an incredibly valuable tool at the SMB level,” he noted. “We have a deep pool of SMBs who play in that space. The larger part of the market has been the largest consumer of these technologies, and Infocyte has focused on that market, but that doesn’t preclude these solutions from being sold lower in the market.”

Datto expects that the key people at Infocyte will be coming to the new company.

“I have met with both the founders and my sense is they are really excited for this next step,” Weeks said. “I don’t think it’s the kind of transaction that you execute and walk away from, and we want really smart people to help SMBs with their security challenges.”