Continuum has added a risk assessment and reporting solution equipped with dark web monitoring functionality to its managed security portfolio.
Called Empower, the new offering is primarily designed to serve as a security sales tool for end users skeptical about their exposure to ransomware, viruses, and other threats. “This is where we’re just seeing MSPs have the biggest struggles today,” says Brian Downey, Continuum’s senior director for security product management.
Empower’s cornerstone is an automated assessment and reporting tool designed to help people with no background in IT generally or security specifically understand where they’re vulnerable and what risks those vulnerabilities pose. MSPs can then build on that data to sell clients on managed security services capable of mitigating those risks.
“This is really about trying to give them that point-in-time view to be able to drive increased interest in [security], and to be able to execute on that interest,” Downey says.
The assessment tool relies chiefly on two forms of evidence: dark web monitoring and peer comparisons. The dark web scans give customers a frightening look at stolen user credentials from their domain currently on sale in the cybercrime black market. “It really personalizes security,” Downey observes.
The peer comparisons show clients how their protections and practices stack up against other, similar companies. Seeing that you’re below average among comparable businesses can be a powerful incentive to implement additional security measures, Downey notes.
To help MSPs act on demand generated by the assessment tool, Empower comes with a variety of marketing materials as well as free licenses to Continuum security solutions for use in demo or proof-of-concept deployments.
Empower users also receive a 35 percent discount on full-scale production licensing for Continuum’s Profile & Protect offering, plus Webroot’s SecureAnywhere DNS Protection solution and security awareness training service. Continuum added Webroot products to its managed security suite last November.
Profile & Protect, which is one of two core pillars of the managed security product family Continuum rolled out last June, includes anti-virus, firewall, and other tools for blocking inbound attacks. Its companion offering, Detect & Respond, provides technology for identifying and remediating attacks on endpoints as well as a managed SIEM product for identifying and remediating attacks within networks. Empower subscribers receive what Downey calls “substantial” discounts on that latter product as well.
There are two Empower SKUs, both available immediately. The base edition includes the assessment tool and dark web monitoring service, as well as discounts on and not-for-resale licenses of Profile & Protect and the Webroot solutions.
The Empower Plus version adds licenses and discounts for Detect & Respond, along with limited use of that product for “passive monitoring” purposes. When used in that mode, the system provides alerts about breaches but doesn’t attempt to remediate them as it normally would automatically.
Empower Plus users get two Continuum incident responses annually as well. “We never want to put the MSP in a situation where they’re now aware of something and they don’t feel like they have the ability to do something about it,” Downey notes. Partners who need additional incident response assistance can buy it separately on an ad hoc basis via Continuum’s Tech Advantage program, which provides outsourced technical assistance.
Both Empower and Empower Plus are subscription-priced at flat, unlimited use rates designed to be low enough to prevent cost from inhibiting adoption.
Continuum’s dark web service utilizes data from an unspecified third-party provider. The code it uses to interpret and report on that data, however, was developed in house. Subscribers receive ongoing dark web alerts even for end users who don’t subsequently purchase any of Continuum’s other offerings.
Though Empower is mainly designed to be a demand-generation tool, Downey notes, users can employ its dark web and assessment components as the foundation for a revenue-generating quarterly or annual cybersecurity monitoring service.