New Continuum Security Tools Manage Detection For MSPs And Their Customers

'Bad guys can be inside networks for months, weeks, before they launch an attack. So if you can determine suspicious activity before ransomware or IP theft ... it’s the best way to determine what’s going on,' Fielder Hiss, Continuum’s vice president of product, tells CRN.

Continuum’s new security tools offer managed detection and response, taking an MSP’s end customer data, adding a layer of automation, and streaming it through the company’s Security Operations Centers to alert MSPs of unusual behavior.

“We are bringing together all the different security feeds and logs, the network traffic and things like that, and in one place, doing correlation, orchestration and automation for MSPs’ clients in order to determine intrusion or suspicious internal behavior and ultimately mitigate any type of breach before damage is done,” said Fielder Hiss, vice president of products with Boston-based Continuum.

In the fight against ransomware, security experts say that once hackers have penetrated a network, their next act is to sit inside, mapping it out and sometimes disabling backups before setting off an attack. A heavy focus on detection and response can help MSPs by sounding the alarm about an intrusion before the hacker has struck.

“There’s a concept of dwell time in security,” Hiss said. “Bad guys can be inside networks for months, weeks, before they launch an attack. So if you can determine suspicious activity before ransomware or IP theft, and manage the detection and response where you are feeding all the information into a specific place for correlation and orchestration, it’s the best way to determine what’s going on.”

Hiss said the tool offers network and server log monitoring and correlation, Office 365 and Windows domain monitoring, all viewable through a single platform experience and intuitive interface built on BrightGauge, which Continuum bought in January.

Hiss said the company is also offering Fortify For The MSP, allowing them to apply the power of these offerings to protect their own business.

“What we have done is said, ‘MSPs need to secure themselves too,’ “ he said. “It’s almost as important at this point because it’s getting bad out there. So what we’ve done is announced a variant of called Fortify For The MSP, with special packaging and pricing. We felt we needed to create a catalyst for our partners to secure themselves with the same level they are securing their clients.”

Continuum said as many as 74 percent of the MSPs it polled recently reported suffering at least one attack within the past year. Hiss said while the momentum is shifting, there are still too many MSPs that are not protecting themselves with the same high-quality security tools they give to their customers.

“I think the industry has woken up on that front,” Hiss said. “I think over the past 18 months to now we’ve seen vendors have their partners’ credentials compromised through phishing and the MSP’s tools used to deliver ransomware. So that’s why we’re doing that. We want to help MSPs secure themselves. Security starts at home.”

One MSP, who asked not to be named because it uses a rival platform, said both offerings would be useful to his business since the current ITSM platform he uses doesn’t offer a SOC.

“On the surface and just based on what I read, it looks great, but it comes down to cost—cost to me and cost to my customers,” he said. “I wish my provider had a SOC. It’s worth looking at efficiency-wise to get everyone on the same product. That could be a big win for us.”