AWS MSSP competency program opens up to partners

A new AWS program will validate the skill sets and processes of MSSP partners, creating a means for security firms to competitively differentiate themselves; more IT channel news.

A new AWS competency program aims to help partners stand out in a competitive cloud computing security market.

Through the AWS Level 1 MSSP Competency Program, managed security service providers (MSSPs) can demonstrate their cloud security proficiency to AWS customers. The designation appears on partners' AWS Marketplace listings, where service providers offer prepackaged services and customized offerings to clients.

The first group of companies to obtain the competency include professional services firms Accenture, Deloitte and PwC; global systems integrators Atos, Tech Mahindra and Wipro; and managed cybersecurity specialists Deepwatch, eSentire and Proficio. A complete list of launch partners is available on an AWS blog post.

The program's rollout follows a 12-month pilot that included 27 launch partners, an AWS spokesperson said. In the competency-granting process, AWS security engineers assess an MSSP's technical and operational capabilities. Those capabilities will be revalidated against the Level 1 baseline annually.

Through the program, MSSPs can differentiate their AWS managed security business, according to AWS. Partners can access benefits such as market development funds and technical training workshops.

AWS defines Level 1 managed security services as including the following:

  • AWS infrastructure vulnerability scanning;
  • AWS resource inventory visibility;
  • AWS security best practices monitoring;
  • AWS compliance monitoring;
  • monitoring and triaging security events;
  • 24/7 incident alerting and response;
  • distributed denial-of-service mitigation;
  • managed intrusion prevention system;
  • managed detection and response for AWS-based endpoints; and
  • managed web application firewall.

Cloud security services and tools are in high demand, as more organizations transition to the cloud, said Brad Taylor, CEO at Proficio, an MSSP based in Carlsbad, Calif. Achievement of the competency gives end users confidence in Proficio's managed detection and response (MDR) services, he said. A number of partners have developed MDR practices as a distinct security services offering.

Proficio offers a limited standard service in the AWS Marketplace, as well as the option to select customized services through AWS' Consulting Partner Private Offers program, Taylor added. Service providers use the private offers program to create bespoke offerings with client-specific pricing and statements of work.

ESentire, an MDR provider based in Waterloo, Ont., has also benefited from the AWS MSSP designation. The competency helps demonstrate to customers that the company has the security, technical skill set and operational processes to safeguard AWS workloads, said C.J. Spallitta, chief product officer at eSentire.

ESentire is in the process of being listed in the AWS Marketplace and expects to be on board by the fourth quarter of 2021. "We will be providing customized services through the private offers program," Spallitta noted.

Likewise, Aaron Brown, a partner and leader in the Cyber Risk Services AWS practice at Deloitte, said the competency program helps validate Deloitte's technical and operational capabilities as an MSSP. Deloitte's cloud managed security offering, built for the AWS MSSP Level 1 competency, aims to help AWS clients secure their cloud operations, while maintaining speed and operational agility, Brown said.

Deloitte also plans to provide security offerings on the AWS Marketplace through private offers, Brown said. He noted these offerings will be customizable based on client-specific requirements and environments.

Cloud security challenges chart

Tessian adopts 100% channel model

Tessian, an email security company based in San Francisco, will shift to a channel-only model as it seeks greater access to security technology decision-makers.

The company offers what it calls "human-layer security," an approach which aims to help customers protect against threats that stem from human error. Tessian uses machine learning to create employee security profiles based on typical work patterns. For example, the company's cloud-based technology will warn employees before they send an email attachment containing information on one company to another company. This check avoids inadvertent data leaks, according to the Tessian. The company's security offering is also designed to guard against advanced phishing attacks.

Matt Smith, chief strategy officer at Tessian, joined the company six months ago to develop its channel-first go-to-market strategy. He had previously built an indirect channel program for Duo Security, where he was global vice president of sales and business development.

"The channel holds a unique position in the security space in terms of influence and access to CISOs and CIOs," Smith said.

Tessian, thus far, has formed channel alliances with Optiv Security in the U.S.; Alinet and CTS in the United Kingdom; Asystec and Kontex in Ireland; and Nclose in South Africa.

The vendor doesn't disclose its direct vs. indirect revenue mix, but all new North American business has started to go through Tessian partners, Smith noted.

The company seeks to recruit partners that focus solely on security or have strong security practices, Smith said.

Tessian's existing partners primarily work as resellers of the company's technology, but some engage with the company as referral partners. In addition to reselling or referring the technology, partners can also use the company's platform to boost demand for other security offerings. Partners, for instance, can use Tessian as a risk assessment tool to expose data leakage or an advanced phishing problem, which Smith said drives the need for additional products and services.

Tessian also offers integrations with other security vendors, including Sumo Logic and Splunk in security and information event management and KnowBe4 in security awareness training.

Tessian develops a bespoke program for each partner to fit its business model. "We tailor our approach to how [partners] go to market, the services they provide and how they operate," Smith said. Tessian's channel roster will remain small so the company's channel team can build such individualized programs, he added.

Partner roster updates

  • Nvidia tapped a global systems integrator and several channel partners in its launch of an AI software suite. The company's Nvidia AI Enterprise offering lets VMware vSphere users virtualize AI workloads on NVIDIA-Certified Systems. Paris-based integrator Atos is among the manufacturers offering an Nvidia-Certified System with Nvidia AI Enterprise. Atos, perhaps better known for IT services, acquired high-performance computing vendor Bull in 2014. Nvidia AI Enterprise is also available through channel partners that include Atea, Carahsoft, Computacenter, Insight Enterprises, NTT, SoftServe and SVA System Vertrieb Alexander GmbH.
  • Pax8, a cloud distributor based in Denver, provides Addigy's Apple device management offering to MSPs through a global partnership.
  • Forty8Fifty Labs, an Agile and DevOps consultancy, partnered with Exalate, which provides a tool for service desk synchronization. The consulting firm, a subsidiary of Atlanta-based Veristor Systems, uses Exalate in its IT service management deployments.
  • Prolifics, a consulting and managed services firm based in Orlando, Fla., added EnterpriseDB (EDB) to its technology partner roster. EDB contributes to the PostgreSQL open source database system. The EDB relationship lets Prolifics expand its legacy database migration and cloud replatforming businesses, according to the consulting company.
  • Beyond Identity partnered with Ignition Technology to distribute its passwordless authentication offerings to MSSPs and IT resellers in the Nordic countries and the Benelux region, which includes Belgium, the Netherlands and Luxembourg.

Tools for channel partners

  • Bitwarden, a Santa Barbara, Calif., company that provides an open source password manager, unveiled an offering that lets MSPs deliver password management on an as-a-service basis. Bitwarden MSP Provider Portal offers a central location through which MSPs can manage customers' Bitwarden password management services at scale, according to the company.
  • OpsRamp, an IT operations management vendor based in San Jose, Calif., will offer a 14-day free trial that the company said lets resellers demonstrate OpsRamp to enterprise customers. The trial version of the company's platform includes discovery, monitoring, alerting and dashboarding for cloud infrastructure services. Foulk Consulting, an OpsRamp partner based in Livonia, Mich., will offer the free trial to its customers.
  • CloudBlue, a business unit of distributor Ingram Micro, launched its channel partner revenue management offering in North America. CloudBlue Rev lets Ingram Micro partners provide "a single billing experience" that spans the distributor's e-commerce site, cloud marketplace and partners' own offerings, according to CloudBlue, which is based in Irvine, Calif. In May, CloudBlue began the global rollout of CloudBlue Rev in the United Kingdom.
  • Pulseway, a remote monitoring and management software vendor, released an end-user support platform. Pulseway Client Portal aims to help end users resolve various IT problems without the assistance of a live technician. Among IT issues the platform can help resolve, Pulseway cited new equipment orders, requests for additional storage, and printer problems. IT technicians and systems administrations can also build their own resolution paths on their platform to automate end-user support processes, Pulseway said.

Executive appointments

  • Evoque Data Center Solutions, a cloud and data center services provider based in Dallas, appointed Monica Walton as the company's vice president of channel sales. Walton previously was vice president/general manager of sales for Lumen Technologies' Rocky Mountain Region. Evoque has also expanded its channel program, providing a consistent commission structure and process, increased incentives, and co-branded marketing support among other features. Evoque plans to double the number its channel-based bookings over the next 12 months.
  • MorganFranklin Consulting, a finance, technology and cybersecurity consulting firm based in Washington, D.C., named Perry Menezes as a managing director in its cybersecurity practice. Menezes joins MorganFranklin from KPMG, where he was a partner in the company's consulting and advisory cyber practice for the banking sector.
  • Reputation, a reputation experience management company based in Redwood City, Calif., hired Brent Nixon for the newly created position of chief ecosystem officer. Nixon will be responsible for growing the company's partner organization, which is expanding across Europe and Asia. Nixon previously led the global alliances and partner organization at Workfront, which was acquired by Adobe.

Other news

  • Comcast Business agreed to acquire Masergy, a Plano, Texas, company that provides managed SD-WAN and managed security services. The Masergy deal, subject to regulatory approval, would "add credibility for Comcast in areas such as cloud and security, which will be vital in attracting multinational corporations as clients," said Gary Barton, principal enterprise technology and services analyst at GlobalData, a consulting firm based in London.
  • Checkmarx, an application security testing vendor, launched a global partner program. The program provides virtual training and enablement sessions, certification programs, and deal registration and lead sharing via an updated partner portal, Checkmarx said. The program is structured with three tiers: Authorized, Expert and Advanced. Partners can qualify for sales rebates, preferred discounts, customized marketing campaigns and access to an advisory board, the vendor said.
  • Centrilogic, an IT transformation solutions provider, expanded its security services offerings. The company's portfolio includes a CISO-as-a-service offering, security assessments, managed security services and incident response. Centrilogic cybersecurity lead Steven Cohen said the new lineup of services augments the company's established offerings, which include vulnerability assessments, penetration testing and firewall management. Centrilogic provides services across industries such as healthcare services, real estate, financial services and manufacturing. The company has North American headquarters in Toronto and Rochester, N.Y.
  • Accenture invested in Ixlayer, a San Francisco company that provides a telehealth platform for health testing in a virtual environment. Ixlayer participates in Accenture Ventures' Project Spotlight, which connects emerging technology software startups with Global 2000 companies.
  • Answerthink, a division of The Hackett Group, attained AWS SAP Competency status. Answerthink, based in Miami, is an AWS Advanced Consulting Partner and an SAP Platinum Partner.

Market Share is a news roundup published every Friday.

Dig Deeper on MSP technology services

Cloud Computing
Data Management
Business Analytics