11 posts categorized "outsourcing security"

September 14, 2011

Alert Logic CAPP Service

As I have written before I do some writing and consulting for several companies. One of them is Alert Logic, who offer a great line up of cloud-based, Security-as-a-Service solutions. 

Today Alert Logic announced their new CAPP program which allows most any security vendor to leverage the AL cloud based platform, turning their security solution into a cloud based managed security service. 

I wrote about over on SecureCloudReview.com, but wanted to mention it on here as well. Here is the article from over on SCR:

Today Alert Logic announced a significant new program that they are calling CAPP (Cloud Acceleration Partner Program). CAPP allows just about any security solution to plug into the Alert Logic Security-as-a-Service, cloud based architecture and become a cloud-based managed service.

This should be a huge development in the security marketplace.  Using the rich APIs developed for the CAPP program, security vendors seeking to integrate into the Alert Logic Security-as-a-Service offering can allow the cloud based platform to “ingest, correlate and analyze security data from individual security tools”.

The first CAPP partner announced for the program is Rapid7, the company behind the Nexpose VM solution and the Metasploit pen testing suite (Rapid7 is also hosting an exciting new conference called UNITED next week). Utilizing the CAPP API’s Alert Logic and Rapid7 now offer ASV PCI scanning as a service.  Other partners should be announced soon.

The CAPP program means that security solution providers don’t have to invest in developing a cloud-based delivery and management solution. They can concentrate on making their own solutions better, yet still enjoy a managed, cloud based option.

From the Alert Logic point of view it allows them to build on their strengths. They have invested millions of dollars and years of time developing their cloud-based Security-as-a-Service platform.  Now in addition to the solutions they already offered via this platform, a new wide range of solutions will be available as well.

It should be very interesting to see what new solutions come via the cloud as a result of CAPP.  It is certainly a program and technology whose time has come.

Related articles
Enhanced by Zemanta

Posted at 11:43 AM in cloud, Current Affairs, other security companies, outsourcing security, the security industry | | TrackBack (0)

April 11, 2011

Good News From Alert Logic

Image representing Alert Logic as depicted in ...

Image via CrunchBase

My friends at Alert Logic posted two press releases today containing good news for the company.  In the first release they announced that they had raised a Series E round of funding totaling 12.6 million dollars.

Besides existing investors, Updata Partners, Covera Ventures, DFJ Mercury, and Access Venture Partners, several members of the company’s management team invested as well.  It is always a good sign to see the management team putting skin in the game. The money will be used to expand all phases of the business.

In the second release, Alert Logic announced that they had broken through the 20 million dollar revenue run rate barrier. In the past I have taken private companies to task for releasing “another great record quarter” press releases. The reason I have is because they usually don’t include the actual numbers. But in this release Alert Logic announced 2.3 million in new ARR for the quarter, bringing the companies ARR to 20 million.

It would seem that Alert Logic’s SaaS delivery model and strategy of selling through cloud and hosting providers is working and paying dividends. The company has doubled revenue since 2009 when they began to pursue the service provider channel.

Very impressive news from Houston. Congratulations to Gray Hall, Misha Govshteyn, Urvish Vashi (an old Interliant friend) and the rest of the team there.

Enhanced by Zemanta

Posted at 08:44 AM in friends, General Security, other security companies, outsourcing security, SaaS, the security industry, vulnerability management | | TrackBack (0)

January 04, 2011

Dell Buys SecureWorks – Primetime for MSSPs or Catch up to IBM and HP?

Image representing Dell as depicted in CrunchBase

Image via CrunchBase

M&A in the security market got off to a big start this morning with news of Dell buying Atlanta based MSSP Secureworks. While it is certainly vindication of the importance of security to the big IT companies, make no mistake about it, Secureworks is a very different buy than HP buying TippingPoint or Arcsight. 

Secureworks is an MSSP. This deal is about managed security as a business, not about security products. Not even the IBM/ISS deal a few years back was so clearly focused on the MSSP side of the house. This is really a huge vindication of the MSSP business model and notice that it has come of age. Not to be an I told you so, but I thought that the MSSP model was catching on years ago when I helped StillSecure acquire ProtectPoint. Today a large part of the StillSecure business is based on the MSSP model.

Why MSSP? Why not? Security is too hard and beyond the bulls eye for many business. It is critical for reasons such as regulatory compliance, but not core to the business expertise. It is a perfect candidate therefore for outsourcing.

Also with the move to the cloud, companies will want security built into their cloud offering. This is where I disagree with some of the analysis of the Dell-Secureworks deal. I don’t think Secureworks was a player in the cloud. I don’t even think they were really much of an SaaS player either. In fact what I know of the Secureworks business, they derived a substantial part of their revenue from one off consulting in conjunction with on premises appliances managed via their SOC.

In many ways that is a generation behind where many of the advanced MSSPs are today. Many MSSPs today are offering SaaS based services, cloud based and cloud security is where the MSSP of tomorrow wants to be.

Dell has been trying to move beyond selling boxes for some time. They have spent billions in recent years moving into IT services to challenge IBM and HP.  I think this deal is more about that for them. They can now offer security services, both traditional consulting and managed security. I don’t think it measures up to the IBM or HP offerings yet, but it is a start. With Dell’s sales force pushing it, I am sure we will see big numbers pile up.

According to the release Secureworks had about 120 million in revenue last year. The question is: How much did Dell pay?  My guess is about 500m. If anyone knows, please do tell.

Enhanced by Zemanta

Posted at 12:16 PM in MandA, MSSP, outsourcing security | | TrackBack (0)

March 24, 2010

Dave DeWalt and McAfee tell California to buzz off

Interesting article in Forbes today with Dave DeWalt, CEO of McAfee. DeWalt basically says that he has given up hiring people in California. It is too expensive to hire there he says and he is instead hiring in Texas, Oregon and Toronto.

While McAfee is headquartered in California, only about 14% of their employees are there.  Where are the most McAfee employees? India.  And DeWalt says he is going to keep hiring there.

Don’t think this is a recent move either. A few years back McAfee actually shifted 1,000 back office jobs out of California. So this is a trend that McAfee has been following for some time.

With the dire financial state that California is in, I am sure that is not welcome news in the Golden State and Silicon Valley in particular.

My question is what can California do here? Here is one suggestion. I would immediately make sure there was not a McAfee piece of software or appliance anywhere on any state controlled network or computer.  You would be seeing a lot of yellow over on the state systems.

Looking for incentives to keep jobs in a state or area? How about them buying your software or product as an incentive.  Maybe McAfee can sell a lot of their stuff over in India?

Posted at 09:46 PM in Current Affairs, employment, other security companies, outsourcing security | | TrackBack (0)

December 28, 2009

Rebuilding the house at eEye

eeye building a new house
eEye today announced the appointment of a new CEO, Kevin Hickey.  I recently had a chance to sit down with Kevin and some of the new team members. Hickey is a long time veteran of the IT industry, most recently heading up NetPro. NetPro had a successful exit via a sale to Quest.  Hickey is coming on board eEye with a mandate to rebuild the Retina franchise and return eEye to a place of prominence in the vulnerability management space.  As is often the case, Hickey is bringing along some of the folks he has worked with in the past. Joining him as VP of Strategy is Brad Hibbert, also from NetPro and CFO Tyler Hanson, who worked with Hickey at NetPro and another company.

In addition to the NetPro folks, Hickey has also hired some new sales executives. eEye did not raise any additional funds with bringin Kevin and team on board. Hickey says that his predecessor, Kamal Arefeh left the company with a strong balance sheet and profitable business. 

Good for Kevin and his team. Unfortunately I think the profitability and strength in balance sheet was due to sacrificing growth and some of the vulnerability research that eEye was known for in the past, rather than a big increase in revenue.But at least they have something to build on.

Hickey and Hibbert promise a return to eEye’s roots. They are going to refresh Retina and finally move beyond vulnerability assessment to vulnerability management. This has been tried before at eEye, but REM was never as successful as Retina was in the pure scanner market. They want to focus on the mid and SMB market for vulnerability management.

The new management team also wants to rebuild the research team that was the strength of the company in prior years. Hickey also talks about building out a strong professional services team. 

The new eEye will sell both from an inside and channel model, as well as through the enterprise and the government. A very ambitious sales plan for a smaller company.But reaching the mid-market and SMB market means a strong channel program. Selling to large enterprises needs a direct sales force. Hence the need for both.

Hickey says eEye is doing everything they can to see to it that the DISA DoD wide Retina contract is renewed and is profitable for eEye.  The government sector will still be a big focus of eEye, as will compliance, including PCI.  To that end they will be working on increasing their ability around application and database scanning.

They were a little less clear on the future of Blink. My impression is that Blink will be moving out of the crowded and hyper-competitive endpoint market and become a tool to help in vulnerability management. We will have to see what the future holds in regard to Blink.

A few years ago when Marc Maifrett left eEye I wrote a blog post asking if the last rat had left the ship at eEye. Now with Hickey and team coming on board it looks like they are ready to rebuild the house. I wish them luck and we will be watching their progress!

Posted at 09:00 AM in outsourcing security, Ross Brown, the security industry, vulnerability management | | TrackBack (0)

December 22, 2009

Its the total cost of a security solution that gets you every time

Image representing Gary Fish as depicted in Cr...

Image via CrunchBase

Last week I wrote a post about a managed SIEM service from FishNet Security that Larry Walsh over on channel insider reported on.  Larry had made it out that the FishNet offering solved many of the biggest problems facing SIEM usage - cost, complexity and flexibility. I called bull on that. If there is one thing I have learned in my years in security, it is that there are no magic buttons and no easy shortcuts. There is also just no way of making SIEM easy. Just ask my friend Mike Rothman.

As a result of my article I had a chance to reconnect with Gary Fish. I had not spoken to Gary in a while, so it was good to catch up. Gary is still as busy as ever evangelizing and growing FishNet into new markets and products all over the country.  Of course Gary sold a controlling stake in FishNet to Lake Capital last year for north of 100 million. Gary is still the CEO and prime mover at FishNet.

I spoke today with Gary and Tom Schmatz, VP of managed services and support at FishNet. I have much better understanding of the FishNet SEIM managed service and what is driving the market adoption of it.

The bottom line is what FishNet is offering is a hybrid model of managed service. Customer buys the software and license for the SIEM. There is also a charge for implementation. Gary and Tom estimate that for a 2500 user shop, this could cost about 150k. They want people to use the managed service, so they will discount this down to around 125k or so.

Now 25k is not chicken feed, but in terms of the total cost of ownership for a SIEM solution that is small potatoes. The real cost of the SIEM is running the thing 24x7. Creating custom views and reports is an on going and sizeable task. 

The FishNet guys estimate that the real total cost of operating the SIEM is closer to 550k. Of that over 400k is for operators. FishNet estimates you need 5 people to man a SIEM around the clock. Now to be fair and I brought this up to Gary, you don’t need 5 full time people to manage SIEM. They will spend a small portion of their time on SIEM management. But conversely, you can’t hire people for just 1 hour or so out of every 8.

This is where the FishNet model pays for itself. For a cost of around 100k annually, they manage the entire SIEM process. Customer can be as active or passive in participating in the management as they like. They can log into the FishNet portal and never even have to log into the SIEM if they like.

This outsourcing of the day to day management is a great way for a medium sized business to get the SIEM they need. BTW, Gary and Tom say that compliance is the biggest driver for this service.

The bottom line is that with any security solution, open source, commercial, hardware or software – you must take into account the total cost of ownership of the solution.  Too many folks figure license and implementation without the cost of actually using this product. Outsourcing the management of it is a way to shave some cost out, but more importantly also give you the expertise you might not otherwise have.

Reblog this post [with Zemanta]

Posted at 05:39 PM in other security companies, outsourcing security | | TrackBack (0)

November 05, 2009

Is security outsourcing up or down? Survey says: down

richard_dawson I am not Richard Dawson and this ain’t the Family Feud. But I don’t quite get the results as reported by Bill Brenner on CSO online and his podcast. According to Bill the economic downturn has led to companies spending less on outsourced security and doing more in house. This seems to be counter-intuitive and against all of the evidence I have seen. In fact most analysis I have seen says that the economic turmoil has led to a greater use of security outsourcing. Companies cannot afford the resources in house, full time and instead are saving costs outsourcing security.

If indeed they are spending less on outsourced security I would hypothesize that they are not forgoing spending money on outsourced security by doing it in house, but are actually foregoing spending on security all together. Of course they don’t want to say that, so instead say they are taking it in house and having existing resources handle it.  If those resources could handle it to begin with they would not have outsourced to begin with! The realities of the security market strike again.

It could of course also be specific to the questions asked. Perhaps with the great firewall management tools recently introduced like Tufin Technologies larger enterprises are taking more firewall management in house. But for the majority of the market I don’t see taking security in house and actually doing it as a key driver of saving money.

One thing Bill does say though that is worth repeating is that whether you in house or outsource security, you do not abdicate your responsibility for your company’s security.

Posted at 01:13 AM in General Security, outsourcing security | | TrackBack (0)

December 06, 2008

And the winner and still champion is - Perpetual Licensing

Eric Lai has an excellent piece up in ComputerWorld on software licensing. Eric concludes that in spite of a crappy economy that would favor paying less money up front, in spite of the popularity of SaaS models and their monthly or subscription billing, most companies still prefer a perpetual based licensing model.  Eric's conclusion rings true with my own experience at StillSecure.

Almost 9 years ago when we first started at StillSecure, our research indicated that subscription pricing was going to be the wave of the future.  Microsoft was embracing and pushing subscriptions heavily.  The AV guys like Norton-Symantec and Network Associates/McAfee were selling AV on a subscription. It was less money up front and best of all for us, offered the very desirable reoccurring revenue model.

Funny thing happened though.  Pretty quickly we found out people hated it.  They didn't like the idea of buying the same software year after year. Customers who had the product for multiple years wound up paying a lot more for the product. As Eric points out, they couldn't put the cost down as cap ex and that was a problem. The cost difference up front between the two models was not sufficient enough to win them over.  So we pretty quickly started offering our software in a traditional software perpetual model with its 20% yearly maintenance. We offered both subscription and perpetual licenses to our customers and even discounted multi-year subscriptions so that it was price neutral if you bought a 3 year subscription. Well pretty quickly the overwhelming (and I mean overwhelming) majority of customers went perpetual.  We thought the fact that sales people were making more commissions on the higher up front costs of perpetual had them steering customers to perpetual.  But that wasn't it.  As Eric points out, even companies who themselves sell software on a subscription model, prefer to buy perpetual.

So we stopped banging our head on that wall and we offer both models today with most people opting for perpetual.  Now with increased economic trouble and more and more people buying security as a service, maybe that will change.  But I will believe it when I see it. Until then, the winner and still champion is ...

Posted at 12:51 AM in outsourcing security, StillSecure stuff, Web/Tech | | TrackBack (0)

September 29, 2008

ISS 2 years after

Niel Roiter over at Techtarget has a good article up on what has become of ISS as it approaches 2 years under the rule of Big Blue.  Of course Mitchell and I had Tom Noonan on just a few weeks ago and as we spoke about, Tom is no longer at IBM/ISS. At the time of the ISS acquistion, speculation was rampant over whether IBM would continue the ISS product line or instead concentrate on the services side of the ISS business, which represented the majority of the revenue actually.

Coinciding with the 2 year anniversary, IBM/ISS actually released a slew of new/updated products:

  • A new release of its unified threat management (UTM) tailored for small business, including, for the first time, an SSL VPN.
  • A virtual appliance version of its network intrusion prevention system (IPS).
  • An update to its network enterprise vulnerability scanner.
  • An IPS controller, effectively a load-balancer to aggregate IPS appliances to achieve a greater throughput of up to 10 Gbps.
  • A new release of Proventia Management SiteProtector, IBM's security management console.

So at first blush it seems that ISS/IBM is still very much concentrated on products.  It took 2 years to find their way within the IBM universe but are getting back to business.  But as Neil points out, a closer look at the new releases show two trends:

1. IBM/ISS is moving down to the SMB/SME market.  Clearly making products easier and better suited to a smaller customer was a driving force here.

2. MSSP or SaaS is the holy grail for them.  All of these products are being made to work together and be managed by a central outsourced MSSP.  IBM, like many others sees the security market for the mid-market moving to a managed model.  IBM wants to move down stream from managing not only the largest networks in the world, but managing every network in the world. 

Network management is more than just security, but security will play an in important role in it.  We are going to see IBM, HP, Verizon, etc. increasingly coming down into the SMB/SME market to offer to manage IT environments for customers. Historically this has always been like herding cats.  The question is, what will make it different this time?

 

 

Related articles by Zemanta
Reblog this post [with Zemanta]

Posted at 09:26 AM in MandA, other security companies, outsourcing security, the security industry | | TrackBack (0)

September 23, 2008

Six degrees of separation

In this age of outsourcing, securing information that gets further and further away from your direct control becomes harder and harder to control.  The point was driven home again for me today reading a story about a data breach at Grady Memorial Hospital in Atlanta. Unlike other data breaches where a laptop was lost or somebody was able to hack into the hospitals network, this data breach was caused by simplest, but hardest to stop method, human error. It seems that some medical information was being transcribed and instead of being put in a password protected (like that is secure, but fodder for a blog post another day) the confidential information was put on a publicly available web site. 

Of course your favorite web spiders indexed the page and when a doctor did a Google search of his name he was surprised to find this page with confidential notes and information on his patients.  He then notified the hospital who investigated this apparent HIPAA violation.  What they found, according to the article in the Atlanta Journal-Constitution was this:

Grady outsourced the job of transcribing the notes to a Marietta firm, Metro Transcribing Inc., which outsourced the work to a Nevada contractor, Renee Lella. Lella, in turn, turned the work over to a firm in India, Primetech Infosystems.

So how is Grady Hospital supposed to have any control over Primetech Infosystems? It is this 6 degrees of separation that make outsourcing gone wild a potential security nightmare.  As data gets further away, it gets harder to control.  So next time you are going to outsource, you need to check who your outsourcer outsources to.

Reblog this post [with Zemanta]

Posted at 08:54 AM in compliance, General Security, outsourcing security | | TrackBack (0)

Next »
My Photo

Subscribe to my blog

Enter your email address:

Delivered by FeedBurner

Lijit Search

Blog Networks

Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 2.5 License.

Search

Lijit Search

Attend a Computer Forensics Boot Camp to better your skills and become a better worker

Categories

Track my blog stats

Blog powered by TypePad
Member since 10/2005

About