FireEye To Extend Reach Of Verodin Through Managed Service Bundle

FireEye is working through the pricing and packaging for an offering that would enable partners to leverage the capabilities of Verodin’s Security Instrumentation Platform across a number of smaller customers.

FireEye plans to create managed service bundles to help channel partners bring the Verodin Security Instrumentation Platform to customers outside the large enterprise.

The Milpitas, Calif.-based platform security vendor said it’s working through the pricing and packaging details of an offering that would enable solution providers to spread the cost of Verodin across a number of smaller customers, according to Chris Carter, FireEye’s vice president of Americas channels. Carter expects to roll out the managed service offering for partners around Verodin in January 2020.

“It is definitely an opportunity we want to seize upon, because I do believe that every customer can benefit from what Verodin does,” Carter told CRN during the FireEye Cyber Defense Summit in Washington D.C.

[Related: Kevin Mandia’s 10 Scariest Statements At FireEye Cyber Defense Summit]

FireEye acquired McLean, Va.-based cybersecurity startup Verodin for $254.4 million in May to help find security effectiveness gaps stemming from equipment misconfiguration, evolving attacker tactics, or changes in the IT environment. The tool should help clients measure and test security environments against known and newly discovered threats to identify risks in security controls before a breach occurs.

Carter said that FireEye partners would like to see an offering that allows them to leverage Verodin’s attack simulation scenarios over a 60-day period of time to help customers do an assessment and build their initial baseline. There’s also the opportunity to sell Verodin to customers to be used on a continuous basis with the help of a solution provider, according to Carter.

FireEye’s also looking to build ways for partners to assist customers with managing the Verodin platform on an ongoing basis after it’s been installed, Carter said. Many customers will use Verodin to continuously test their tools and controls to ensure there’s been no drift or degradation in their security capabilities, according to Carter.

Partners can initially assist by managing the testing process, Carter said, both by using the director to change to different tests as well as by changing the threat actor in the simulation to keep things fresh and current. And if the results of the test indicate that customers need to make changes, Carter said the solution provider can jump in and assist from a product acquisition or services delivery standpoint.

A managed services environment normally charges customers on a periodic basis for services, and he said FireEye will need to develop a model for Verodin that’s more consistent with that. A managed service would leverage Verodin’s ability to continuously operate, he said, meaning that a slightly different pricing and packaging framework will be needed to address the ongoing nature of the engagement.

There’s also unanimous interest among members of FireEye’s Partner Advisory Council in delivering Verodin as a managed service, Carter said, with some solution providers further along in their knowledge of Verodin’s products and internal thinking about opportunities due to having worked with Verodin prior to it being acquired by FireEye.

The level of partner involvement in Verodin engagements would likely depend on the size and resource constraints of the customer, Carter said, with solution providers likely less involved in the day-to-day management of Verodin for large enterprises. By using Verodin, partners can help customers determine which products are working, and which products aren’t, and which products should be replaced.

Specifically, Carter said reporting from the Verodin platform will indicate which products aren’t doing what the customer expects them to do.

At a low level, Carter said customers might need solution providers to help with deactivating tools that Verodin found not to be working, tweaking tools that require configuration changes, and implementing new tools to address security gaps. And at the higher end, Carter said customers might also want consulting support, support and guidance from partners on what to do based on the Verodin findings.

In almost all cases outside very large enterprises that have their own cyber teams, he said customers will need some level of help and support from a channel partner. Partners typically add more value by bringing their expertise to customers that don’t have big cyber teams of their own, and FireEye partners typically focuses on working with mid- to large-enterprise firms that don’t have their own cyber team.

The Verodin platform will help Empower Solutions deliver security posture assessments as part of a multi-year plan to strengthen its clients’ security tools and eliminate duplicative tools, according to founder and CEO Sheryl Dunlap.

Dunlap said Verodin’s assessment capabilities play very nicely into the services the Reston, Va.-based solution provider has provided for its federal government clients in the past. Empower Solutions began looking into Verodin several months ago prior to the FireEye deal, Dunlap said, and as a result is already pretty spun up on the company’s technology.

Verodin should help clients of Empower Solutions tweak their infrastructure and architecture and get all their configurations into the optimal setting, Dunlap said. And given that IT team will often patch on a quarterly basis, Dunlap said that Verodin can run autonomously in the background of the client’s IT ecosystem and continuously monitor to ensure that the optimal configuration setting remain in place.

“Relationships are born out of singular opportunities,” Dunlap said.