Cynet has added centralized log management and SaaS Security Posture Management to their platform, while at the same time building out their SOAR there.

XDR [Extended Detection and Response] provider Cynet has been busy making some major shifts to both their platform and to their Go-to-Market strategy. This includes the addition of new capabilities to their XDR platform, and a shift from a channel-preferred model to a 100% channel one.

These transitions come on top of an earlier move from the EDR market to the XDR one.

“We started out in endpoint, but Eyal Gruner, our CEO, understood that EDR was not the biggest challenge in the growing security market, especially for small and medium-sized accounts,” said Royi Barnea, head of North American channel sales at Cynet. “As a result, we switched our focus to XDR.” At that time, XDR was fairly new in the market, so they typically described themselves as EDR with additional capabilities.

A more recent shift is that from the beginning of this year, Cynet has adjusted their Go-to-Market strategy. They were a channel-friendly company before, and most of their customers came through partners, but they have adjusted that so that now they are 100% channel.

“Now with our 100% channel strategy, everything goes through our VARs, service providers and resellers,” Barnea said. “We changed it because today, the only way that you can scale is through the channel. Every time that you work with the channel, you can provide more value to the end client.”

At this point the channel has close to 100 service providers, and about half that many resellers.

“Those numbers are changing rapidly, however,” Barnea said.

Cynet’s focus is the SMB space, which represents something of a move downmarket from where they started. Barnea emphasized that in selling into this space, the product has to be easy to administer while at the same time providing the necessary range of advanced security capabilities.

“We have recently made significant changes to our platform, adding three game changers to our single unified platform,” Barnea said. “The first of these was centralized log management, which provides the real time visibility necessary for SIEM. We brought this in about eight months ago. It’s a huge differentiation in that you can see everything on one dashboard that ties all of the dots together. Partners and customers want to see that.”

The second recent addition has been SaaS Security Posture Management [SSPM].

“It enables setting up configurations that are in compliance, and then looks for all drifts from configurations in real time and enables a quick fix,” Barnea said. “These are typically common entry points for bad guys. Today, we support Office 365, AWS, GSuite, Azure, Zoom Teams, OneDrive, Sharepoint and Salesforce, and we are also adding others.”

The third feature, a full SOAR [Security Orchestration and Automation Response] , is still in the process of development.

“Developing a SOAR will make us a true XDR,” Barnea said. “It enables a drag and drop to third parties and not only by the endpoint portion. A ransomware playbook can also be set up to define a routing table and deal with impersonation.”