Security for MSPs means watching for deviations and concentration on the key apps, people and devices, says a major provider.
At its EmpowerMSP channel event in Amsterdam, SolarWinds gave details of how it is adding to MSPs’ portfolio with a new partnership with SentinelOne, expanding its security with SolarWinds Endpoint Detection and Response. With a live onstage demonstration of a ransomware attack and roll-back the addition to the platform is designed to support the managed services business to SMBs which is coming under increased attack.
This addition to the IT security portfolio is designed to help MSPs prevent, detect, and respond to the latest threats to customer endpoints with patented “Behavioural AI”.
Partners will get the ability to view threat and incident data to help keep customers ahead of threats—on most devices, virtual or physical, endpoint, server, or cloud—providing greater visibility into suspicious activity and advanced attacks, it says. If an attack succeeds and a breach occurs, remediation and rollback with automation helps ensure recovery.
“MSPs and the small businesses they serve are prime targets in today’s evolving threat landscape. So it’s more important than ever for MSPs to understand the nature of the attacks they are facing and to be proactive,” said John Pagliuca, executive vice president, SolarWinds MSP. “We are pleased to partner with SentinelOne to offer Endpoint Detection and Response to our partners to help them protect endpoints and defend against a broad range of online dangers.”
Tomer Weingarten, CEO and Co-Founder, SentinelOne: “One of the most damaging trends we’ve seen of late is the increasingly widespread adoption of fileless attack techniques which are designed to silently infect systems without leaving behind any obvious traces. Traditional methods such as AV are not enough to protect against advanced attacks—so having endpoint protection, which uses behavioral and static AI to prevent and detect these types of attacks is vital.
Tim Brown, Security VP at SolarWinds tells IT Europa that the monitoring of deviations from a norm will become a new standard and that MSPs should put themselves in a stronger position by starting to gather the data now. “Use a simple approach and become more effective later on as networks evolve to a zero-trust model.”
Reflecting an acknowledgement that not all aspects of an enterprise can be protected, he says he is moving to an 80-20 model with a much tougher regime on the 20% who are the administrators and key users, apps and devices, while allowing the 80% to change and control themselves, always giving them to ability to be rewound to a safe state. “In this way we can give much more resource to the areas that matter and balance the threat.”
He warns of more sophisticated attacks on the way targeting service providers.The channel also needs to be more aware of impending legislation covering personal use of data coming from both the US and Europe which will impact their services customers. With this in mind, he is advocating a wider use of an ecosystem of MSSPs and MSPs.
“SolarWinds can act as marriage-broker here, with standardised contracts and even arbitration. MSPs should not be concerned at MSSPs trying to eventually take over their customers; there is enough margin for all, and the specialists really don’t want that business.”
And MSPs will find it hard enough to find and keep resources in the specialist areas.
Pictured: Daniel Bernard, CMO SentinelOne demos threat detection and response as a new partnership with SolarWinds MSP was announced.