ALIENVAULT MSSP PARTNER PROGRAM

Transcription

1 ALIENVAULT MSSP PARTNER PROGRAM AlienVault Managed Security Service Partner Program The Preeminent Managed Security Service Offering for MSSPs of all Sizes This document will provide an overview of the Managed Security market and how the AlienVault USM solution can help you deliver proven managed security services at a low cost. Whether you are an existing MSSP or a potential MSSP looking to gain a deeper understanding of the market opportunity, you ll learn specifics on how our MSSP program works and if it s a good fit for you. If you re interested in being a value-added reseller, we have a separate VAR program. us at partners@alienvault.com and we ll provide you the details or visit

2 Welcome to AlienVault MSSPs of all shapes and sizes have embraced Unified Security Management (USM) to reduce the cost of their services while accelerating security visibility and threat detection for their customers. We understand that you need access to a security solution that offers significant time to value advantages while improving your customers overall security posture. At AlienVault we re committed to unifying best-of-breed technology with shared intelligence for a truly open and collaborative security. MSSP Market Opportunity The global MSSP market continues to expand at a healthy rate. According to Transparency Market Research, the Managed Security Services Market (CPE, Cloud/Hosted and Hybrid) is expected to grow from USD 9.3 Billion In 2012 To USD 24.1 Billion by 2019, with an estimated CAGR of 15.4%. From a regional perspective, EMEA (Europe, Middle East & Africa) represents the largest regional market and APAC (Asia Pacific) is the region with the highest growth rates of all regional markets. Some of the major driving factors of the industry identified by Transparency include the rising adoption and increasing penetration of these services in industries such as government and utilities, telecom and IT, and the banking, finance and insurance services industries (BFSI). These market segments collectively accounted for nearly 59.2% share of revenues in In other words, there s a very large opportunity for those MSSPs who can choose the right strategy in respect to the technology they deploy, and can demonstrate to their customers the value of their offering. The deployment model for the global MSSP market remains predominantly on-premise with customer premise equipment (CPE) or virtual appliances. However, this model is changing as cloud solutions create benefits for both MSSPs and customers. For example, elastic provisioning is becoming increasingly important to minimize costs while maximizing reliability and availability. Only those security vendors who are aligned properly to their MSSP partners need for differentiating technology and a pricing model that supports their MSSP partners ability to grow at scale will be able to keep pace with these changes to the market. MSSP Opportunity Organizations of all sizes continue to face an ever-growing landscape of security threats that are becoming more targeted and malicious in nature. Attacks are no longer being launched en masse with the hope of snaring random victims: rather they are focused and sophisticated, designed to defeat tactical, reactive security technologies that are in place at an organization. Whether an attack targets a network, an endpoint device, an application, or a database, it is important for any organization to have visibility into how their systems are being used and by whom. Granular visibility of network activity is essential to protect against a catastrophic event such as a security breach, system outage, high-risk event, or compliance violation that results from an unintentional or unauthorized changes to these systems. 2

3 Unfortunately most organizations don t have the tools, time, or staff expertise to deal with the challenge of keeping up with the evolving threat landscape and increased sophistication of attack techniques. By partnering with a Managed Security Services Provider (MSSP), organizations can leverage best practices to improve their network security while reducing staffing requirements and ultimately lowering costs. Organizations of all sizes are increasingly relying on MSSPs for cost effective, multithreat security solutions and around-the-clock risk mitigation. The exploding MSSP demand has been fueled by compliancy, greater executive awareness of IT risk and demand for advanced threat protection. Combine this with a severely limited pool of trained security personnel and a desire of businesses to focus on core competencies, and there is little wonder that the global MSSP market is growing at a feverish pace. AlienVault: Meeting the MSSP Challenge MSSPs are challenged with differentiating their services, minimizing operational complexity, and ensuring that their business is profitable. Fortunately, meeting the unique requirements of the MSSP market is nothing new to AlienVault. Since 2007, we have delivered our Unified Security Management platform (USM), a solution that was designed specifically for MSSPs. We helped our very first customer meet the demands of delivering a quality security service while stripping away as much of the complexity that robbed them of profiting from their services and reduced the fidelity of their offering. AlienVault believes that true security demands integration and orchestration of all the essential security capabilities. The AlienVault USM platform makes it possible for heterogeneous, best-of-breed security tools to be built into a unified framework. We don t believe our customers or MSSP partners should take on the heavy burden of integration, at scale. Integration at scale, especially when managing varying customer environments, comes with real costs: time, energy and other resources that are in short supply. Integrating the entire security technology stack improves your ability to deliver a wider range of security services while reducing your management and deployment overhead. AlienVault s Competitive Advantages AlienVault makes it easy for MSSPs to offer unified security by providing five integrated, essential security technologies: Asset Discovery, Vulnerability Assessment, Behavioral Monitoring, Threat Detection and Security intelligence / SEIM. These essential capabilities provide a comprehensive set of security offerings that complement industry demand and subscribers security needs. MSSPs benefit from the complete visibility USM offers by enabling you to detect emerging threats across your customers environment, to respond quickly to incidents and to conduct thorough investigations. MSSP also are able to measure, manage, and report on compliance (PCI, HIPAA, ISO, and more). Building in these essential security controls saves your the time, cost, and complexity of purchasing, configuring, and integrating those disparate data feeds and managing multiple management consoles. MSSPs get security expertise needed to effectively integrate these technologies respond quickly to changes in your end-users infrastructure and applications, all while combating emerging threats. AlienVault USM also enables you to make existing network security teams more effective by putting global threat intelligence at their fingertips. AlienVault Labs Threat Intelligence drives USM security capabilities by identifying the latest threats, resulting in the broadest view of attacker techniques and effective defenses. Our Threat Intelligence maximizes the effectiveness of any security monitoring program by providing regularly updated information on bad actors and emerging threats, as well as context-specific remediation guidance. AlienVault s Open Threat Exchange (OTX ) is a unique threat intelligence technology integrated with AlienVault USM and validated by AlienVault Labs that helps you to defend against threats directed at your customers networks. 3

4 AlienVault OTX is a framework for a unique and powerful collaborative defense capability that shifts the advantage away from the attacker because it enables organizations to receive threat intelligence generated from a wide range of sources, including data collected from over 140 countries ensures broad visibility of threat trends. AlienVault s MSSP Program at a glance As the market and threat landscapes continue to evolve, MSSPs are turning to AlienVault s comprehensive set of products and services to provide combined security offerings to customers in an efficient and cost effective manner. The goal of the AlienVault MSSP Program is to enable successful monetize your security and achievement of unprecedented growth and profit by delivering superior, next-generation managed security services to your customers. AlienVault connects MSSPs to the resources they need to develop expertise, grow managed security service practice, increase customer satisfaction, and maximize profitability. AlienVault offers: Subscription-based pricing Flexible deployment options Hardware or virtual appliances All-In-One or component-based Installation On-Premise or Cloud-based deployments Ability to utilize USM built-in capabilities to collect data from infrastructure security devices 4

5 Program Benefits: Differentiating your Offering A Service Catalog Powered By AlienVault AlienVault supports MSSP partners by providing a step-by-step roadmap that enables MSSPs to ramp their business/offerings in a logical manner. We understand that experience and comfort in building and deploying a managed services offering greatly varies between MSSPs. In an effort to help you scale as they build their own operational discipline, we ve created a recommended service catalogue. This services catalogue is designed to utilize the skills and experience developed in one phase in the subsequent phases, allowing you to expand your business model over time. The phases are arranged by increasing technical skills, from lowest to highest. Many MSSPs have leveraged this service catalogue to enter the market quickly while building their expertise and achieve significant ROI for themselves and their customers. The full document is available upon request at mssp@alienvault.com Pricing AlienVault offers flexible pricing and licensing options for managed service providers, allowing partners to develop pricing that directly aligns to the requirements of their customer base. Predictable pricing with an affordable Getting Started Package gives MSSPs an intimate understanding of the product so that they have the confidence to deliver the highest possible service levels to their customers. Ask our dedicated MSSP Partner Account Managers for assistance with pricing or contact us at mssp@alienvault.com Training Options Public Training + Deployment Assistance AlienVault product training for one (1) engineer at a public AlienVault training center Three (3) days of remote support by a Certified AlienVault Deployment Architect Private Training + Deployment Assistance AlienVault product training for up to 8 people at your facility Five (5) days of remote support by a Certified AlienVault Deployment Architect Sales Assistance for our MSSP Partners Beyond AlienVault s USM solution and what it offers to our MSSPs, AlienVault believes we re both investing in a true partnership. All too often vendors view MSSPs like end-users, which has usually negative implications to the longer-term relationship. AlienVault makes a conscious point to not view MSSP partners through the same lens. Our view is that this is a strategic ongoing partnership that creates mutual engagement and alignment around the technology, marketing and sales activities. While many MSSPs have very specifically defined service offerings, AlienVault can help you become more productive faster while optimizing the customer experience in a wide range of areas. Areas we support our MSSP partners include: Scoping the Customer Environment Solutions Architecture Collateral Competitive Positioning Sales Training Regional Shows 5

6 AlienVault: Your Partner in Growth Once you ve got your managed security offering defined, you ll need to start thinking about your go-to-market strategy. AlienVault has years of experience driving the unified security management message and we re willing to share our experiences with our MSSP partners to help ensure your success! Go-to-market tactics assistance for our partners includes: Co-branded HTML s promoting your offering Rep-based Text Call campaign with sales reps Trade Shows Cross Promotion on the AlienVault website through our back-link program (details upon request) Joint Webcasts examples include Achieving PCI Compliance, Detecting System Compromise & Data Exfiltration, and All you need to know about CryptoLocker Infections, (these help build awareness and content that will further your SEO results) Frequently asked Questions of MSSPs (at all sizes/stages): Question: Does your product support federated environments? A: YES AlienVault provides our MSSP partners easily centralized management capabilities with federated features to manage customers at any scale. Question: Do you provide training? What formats are available? A: YES To become an AlienVault MSSP Partner, it s mandatory that an MSSP take advantage of the training we provide. This training will become instrumental in the successful delivery of your security offering. AlienVault provides Onsite, Online and Classroom training to accommodate MSSP partners anywhere in the world. You can find more information here: Question: How do I operationalize my offering? A: AlienVault removes much of the risk many MSSPs face, regardless of their level of experience in delivering security as a service. AlienVault works with its partners to avoid costly deployment mistakes and ensure that the costs related to managing subscriber networks do not exceed the revenue generated from monitoring their customers environments. In addition, beyond attempting to tie disparate systems together, MSSPs often struggle with determining which services to offer initially and how to layer on additional services over time. AlienVault helps our MSSP partners by outlining a service catalogue that can serve as a roadmap as you launch your new services. This information is available to our MSSP partners upon request. Question: Can you tell me more about the out-of-the-box event correlation AlienVault provides? Can we do custom correlation? A: Yes. Correlation of events and Incident-specific reports are essential to offering true security visibility and threat detection; however most MSSPs don t deploy solutions that allow customers to get anything more than very basic reporting/correlation. AlienVault provides its MSSP partners with an unfair advantage over other vendors MSSP offerings--the USM platform allows for the AlienVault Labs global threat research team to provide you with hourly updates on any threat activity we may be seeing anywhere across our Open Threat Exchange. And, beyond what we provide as a service with our Threat Intelligence updates, our MSSP partners can also provide custom correlation services leveraging the data gathered within USM. 6

7 Question: Can I achieve High Fidelity without all the time-consuming noise (i.e. False Positives)? A: YES. Custom correlation is the only way to achieve any true value/threat visibility from a SIEM platform. The task of baselining an environment and creating these alerts/alarms is daunting enough in a single environment, and extremely difficult and time across many environments. Because of this complexity, most MSSPs only have a very generic offering with limited correlation capabilities (the limits of which customers discover very quickly when an incident occurs yet the MSSP did not provide notification). The AlienVault Labs Thre Intelligence Team ensures that our customers achieve the highest fidelity despite the challenges that come with the dynamic threat environment and complexity associated to managing multiple environments. Our ability to establish baselines and overlay those with frequent updates that your team can build upon is one of the reasons the USM platform has been so widely adopted by MSSPs around the world. Question: How does USM account for customers poor Change Management practices (which impacts MSSPs ability to detect threats in their customers networks)? A: To be candid, this question doesn t get asked often enough. However it s essential in understanding the strength of the USM platform and how it helps our MSSP partners achieve predictable results for their customers. If end-users of MSSPs that use other security vendors tools asked this question, their confidence would likely be shaken when considering how most MSSPs deal with this challenge. Strong correlation is based on known baselines and an intimate understanding of a customer s environment. MSSPs are often the last to know of any changes initiated by their end-user. Every change to an environment impacts the fidelity of correlation that the MSSP has developed for that end- user environment. Unfortunately, end-user IT organizations normally have little visibility into the effectiveness of their change management controls across their IT infrastructure. And, when change controls are not effectively managed and monitored, the impact of this can be devastating: First, change management controls are a foundation of many regulatory compliance standards and requirements, including Sarbanes-Oxley and PCI-DSS. Many organizations rely on manual processes or point technology solutions in an attempt to react to change requests and activities across their environment. Reliance on manual controls and reactive processes to validate that unauthorized changes did not occur is extremely ineffective and can leave a company exposed to significant risk. In addition, these inefficient, manual processes lead to increased compliance and operational costs to test, validate, and report on change management requirements. Second, ineffective change control processes can directly lead to the breakdown of an overall security management program. Overall risk exposure is increased as new vulnerabilities are introduced across IT, financial, and operational systems, and systems require more frequent and updated patches to mitigate these vulnerabilities. Without direct oversight and monitoring of change controls across every system, device, and application, organizations cannot holistically protect against internal or external security and risk issues occurring throughout their environment. This is why the AlienVault USM platform brings unprecedented value as the platform is built upon a security stack that is known to the MSSP. USM provides incredibly insightful information regardless of the changes being made inside your customers environments; something very few MSSPs can claim. The Last Word The goal of the AlienVault MSSP Program is to enable our MSSP partners to successfully achieve unprecedented growth and profit potential by delivering superior, next generation multi-threat security solutions to your customers. AlienVault connects you to the resources needed to develop your expertise, grow your business, increase customer satisfaction, and maximize your profitability. We look forward to working with you and your team. If you have questions or would like to engage further, please reach out to us at mssp@alienvault.com or visit About AlienVault AlienVault is the champion of mid-size organizations that lack sufficient staff, security expertise, technology or budget to defend against modern threats. Our Unified Security Management (USM) platform provides all of the essential security controls required for complete security visibility, and is designed to enable any IT or security practitioner to benefit from results on day one. Powered by the latest AlienVault Labs Threat Intelligence and the Open Threat Exchange the world s largest crowd-sourced threat intelligence exchange AlienVault USM delivers a unified, simple and affordable solution for threat detection and compliance management. AlienVault is a privately held company headquartered in Silicon Valley and backed by Trident Capital, Kleiner Perkins Caufield & Byers, GGV Capital, Intel Capital, Sigma West, Adara Venture Partners, Top Tier Capital and Correlation Ventures. For more information 7 visit or follow us on Twitter (@AlienVault).