The deal adds outsourced security services to an IT Complete platform that already included solutions for identity and access management, dark web monitoring, network assessment, compliance management, BDR, and security awareness training.
Terms of the deal were not disclosed. Kaseya plans to spend tens of millions of additional dollars scaling up the company’s resources, and is already supplementing RocketCyber’s original security operations center in Dallas with a secondary facility in Miami under construction now. A third site for European partners is scheduled to open in Dublin in about 90 days.
“We are capitalizing that business at a very aggressive rate,” says Kaseya CEO Fred Voccola. “We think this is going to be a huge acquisition for us.”
Alarmed by high-profile news stories about data breaches and ransomware strikes, he continues, businesses are increasingly looking for IT providers capable of providing advanced security services. Already, some 20% of the clients a typical MSP supports are “hyper security conscious” organizations that demand access to a level of protection few channel pros have the money or skills to provide.
“Those 20% of your customers probably represent 50 to 60 percent of your overall business, and they tend to be the types of customers that are much more inclined to expand their technology footprint with you as an MSP,” Voccola says. “If IT Complete is going to be complete and our security suite of IT Complete is going to be the go-to security suite for our customers, we need to make sure that we have a solution that our MSPs can use to satisfy the needs of their most important clients.”
Officially launched last August, RocketCyber’s managed SOC service is a white-labeled combination of threat hunting, breach detection, and real-time monitoring of Microsoft 365 email accounts with log monitoring for Windows and macOS endpoints, network devices like firewalls, and both Office 365 and Azure Active Directory environments. The firewall log analysis service that RocketCyber introduced a year ago is included as well.
Subscribers also have access to threat remediation assistance from security analysts equipped to remove compromised devices from an end user’s network, mitigate vulnerabilities, and then restore network access when devices are once again safe for use.
In keeping with a model Kaseya generally employs when acquiring a vendor, RocketCyber will operate as an independent subsidiary under its original name. Carl Banzhof, the company’s CEO, and Billy Austin, its president, will continue to lead the organization.
“They’ll be heading up this business unit for us for the long term,” Voccola says.
Confidence in Banzhof and Austin played a significant role in Kaseya’s decision to purchase RocketCyber as opposed to other SOC-as-a-service vendors. “If this is done incorrectly, it can have catastrophic consequences for an MSP, says Voccola of managed security. “We feel very, very comfortable that we’re dealing with people who really understand the space.”
RocketCyber’s U.S.-based facilities and flexible solution architecture also influenced Kaseya’s decision-making. “It’s not always easy to predict what the next type of attack vector is going to be,” Voccola says. “The technology that runs [a SOC] has to be architected in such a way that it’s very malleable.”
RocketCyber’s service integrates with ConnectWise Manage, Datto’s Autotask solution, and other leading PSA systems, as well as RMM solutions from Barracuda MSP, ConnectWise, NinjaRMM, SolarWinds MSP, Syncro, and others. Users can offload management of endpoint security solutions from Bitdefender, Cylance, SentinelOne, and Webroot, among others, to RocketCyber too.
In an expansion of previously existing capabilities, users can now deploy RocketCyber services across multiple clients centrally via Kaseya’s VSA remote monitoring and management solution. Enhanced integration with Kaseya BMS, the vendor’s PSA solution, lets technicians make BMS the RocketCyber service’s primary ticketing interface.
Newly available integration with Passly, Kaseya’s identity and access management solution, enables single sign-on access to RocketCyber and lets RocketCyber analysts quickly import user login data for inspection.
According to Voccola, partners can expect to see additional integrations between RocketCyber’s platform and Kaseya security solutions aimed at automating remediation measures after attacks are detected, by launching backup and recovery jobs or resetting passwords, for example.
Existing partners will continue doing business with RocketCyber as they have before. They will benefit from the acquisition though, according to Voccola, through an accelerated product roadmap.
“We’ve put a couple of more dev teams into their core technology,” Voccola says. Kaseya is hiring more security analysts and enhancing RocketCyber’s operational processes as well.
“We have a lot of resources to make things better, like billing, the back office systems, the overall experience,” Voccola says.
For RocketCyber itself, today’s news marks the culmination of a swift launch-to-acquisition arc. The company first opened its doors late in 2018 as a provider of integrated app-based solutions for cybersecurity newcomers. The company informally introduced an outsourced SOC offering roughly a year later, and declared managed SOC the strategic core of its business last summer.
RocketCyber is the latest in a string of security- and backup-related acquisitions by Kaseya in recent years that has included Unitrends, RapidFire Tools, Spanning, ID Agent, and most recently email security vendor Graphus.
Kaseya competitor ConnectWise has offered outsourced SOC services since acquiring security and help desk service provider Continuum late in 2019. The company expanded its managed security portfolio more recently by purchasing Perch Security and StratoZen, SOC and SIEM service providers for MSPs.
SolarWinds MSP, another major player in the managed services line-of-business market, provides managed SOC services through third-party operators of its Threat Monitor solution.