Blackpoint Cyber entered the MSP space in 2019, founded by a team of former offensive cyber operators from the National Security Agency. Since then, it’s grown into a full-fledged security platform used by MSPs around the world. The cybersecurity vendor’s big news, the launch of its CompassOne platform, is getting major buzz throughout the industry.
CompassOne doesn’t just monitor threats. It automates driver analysis, flags privilege abuse, and delivers portfolio-level hygiene scoring across endpoints, cloud, and identities.
At Kaseya Connect Global 2025, ChannelPro sat down with Founder and CEO Jon Murchison and Chief Client Officer Mike Estep, to dig into the platform, how the company is innovating, and ways that MSPs can thrive in an era of complexity and industry consolidation.
Here are the highlights from that conversation, edited for clarity and length.
What’s Been the Reaction to CompassOne?
Estep: Extremely positive. We’ve got one of the best partner advisory councils—mature, well-run businesses. They helped shape this from the start. CompassOne is a differentiator in a crowded market.
MSPs see the shift to the cloud and need help with drift, posture management, and prioritization. When machines are roaming, you need context. Now we can build that. We’ve already had hundreds of CompassOne signups in 24 hours. Early access is going great.
Murchison: The trend we’re seeing is MSPs using CompassOne to offer assessments, get their foot in the door, and then sell co-managed services to organizations with hundreds or thousands of endpoints. The mid-enterprise space is vulnerable and legacy MSPs are charging a lot for poor security. That’s changing fast.
Can You Talk About the Feedback Loop? Did MSP Feedback Shape or Change Your Direction?
Murchison: I wouldn’t say it changed us—we were always going down this path. When I came into this in 2019, “security” was a firewall and some antivirus that didn’t work. Then people bought a bunch of tools and got a hangover from having too many.
What forced this direction is that MSPs now have to demonstrate posture and exposure management for insurance and compliance. Everything we saw in the market was lightweight and fake—mostly external scanning. We wanted to do more because we have agents. We invented them for Microsoft 365; we were the first to do it.
Now it’s all pulled together and deployment takes just five to ten minutes. We were already doing proactive scanning for our customers. Now, it’s built-in, scheduled, and automated. It just makes sense.
Would You Call This a Compliance Enablement Tool?
Jon Murchison
Murchison: For sure. It’s compliance and insurance enablement. Historically, you had to pick between a compliance stack that didn’t stop hackers or a hacker stack that didn’t tell a good compliance story. We’re blending both.
How Is AI Built Into the Platform?
Murchison: We have a huge AI team we kept under wraps for a year and a half. We were able to train [the AI] from the past five years of responses. We tagged all that data properly so we could train the model. It’s been really, really effective.
What Are You Doing Differently With Partner Enablement?
Estep: It’s about helping MSPs run better businesses. Yes, we teach security and how to package services, but Jon wanted our university to help MSPs grow and scale. We brought in people like Shawn Torres from In-Telecom to teach sales models. That’s built into Blackpoint University. It’s modular—use what you need.
We’ve seen our current partners grow 30%+. That doesn’t get talked about enough.
Murchison: The North American MSP market is about 70,000 strong. It’s growing at 12% CAGR; advanced security is growing at 30%. The best MSPs are acquiring, crushing it with Microsoft, building automation teams, and staying focused. 80% of their revenue comes from current clients.
If you’re under 1,500 endpoints, now’s the time to invest. Private Equity is coming in and sophistication is accelerating. Smaller MSPs need to focus on funnel management, customer success, retention, and recruiting. Engineers leave fast—you have to be ready. Focus on automation and Microsoft mastery, and run [your business] like a board would.
Even for Lifestyle Businesses?
Murchison: Absolutely. Build it like it’s sellable. You never know. We invested heavily in courses. Think of Blackpoint University as an MBA for MSPs. A lot of IT businesses don’t have financial modeling. We do. I want to launch a financial modeling program. Teach about mergers and acquisitions and what diligence looks like. Even if you never plan to sell, go through diligence. You’ll learn a lot.
You have to run it like you have a board and investors and always think about how to maximize your EBITDA multiple. That comes from repeatability and the right gross retention, net retention, margin, and growth. Those are the metrics that actually matter.
Mike Estep
Estep: It’s a journey that many MSP owners have never been exposed to. You need to clean up cobwebs and get better. That’s what acquirers look at.
Now Is the Time to Invest, but What About Tariffs and Supply Chain Uncertainty?
Murchison: Recessions are opportunities. Focus on automation, Microsoft certifications, and fundamentals. Most successful business owners grow during downturns. Tariffs haven’t hit MSP hardware that hard yet.
Never waste a good crisis. Wake up. Focus on repeatability. Don’t geek out over every new tool. Evaluate based on value.
Estep: We always grew during uncertain times. The MSPs I talk to are calm. Government-focused ones might be worried, but most are in SMB. They’re figuring out how to run the business from an iPad. That’s the mindset: differentiate, simplify, adapt.
Murchison: Don’t spread yourself thin. Pick a vertical. Dominate it. We started with AEC—architecture, engineering, and construction. That led to manufacturing. Clients lead you into new verticals.
Estep: Exactly. Know your niche. It’s a mess when 20% are law firms, 15% accounting, 15% medical—you’re spread thin. Different compliance, different needs. That kills profitability.
Murchison: We stumbled into the MSP space and tripled down. That’s what gave us our hockey stick growth.
What Do MSPs Misunderstand About the Threat Landscape?
Murchison: They overtrust traditional EDR and SIEM. They miss 72% of threats. They can’t contextualize identity, aren’t fast, and don’t see enough. MDR solutions based on these are missing critical telemetry. And many don’t have MDR for Microsoft 365 or SSO. That’s a huge gap. They also keep running DMZ infrastructures—external-facing services are still getting exploited. EDRs don’t help in those cases. It’s a blind spot.
Anything Else You’d Like to Add?
Murchison: CompassOne brings together real-time response and attack surface visibility, integrated with AI natively. On-prem and cloud need to be merged. We’re seeing cloud-initiated ransomware now. MSPs aren’t ready for that and need better tools.
Estep: Jon has built a team of elite people—bad guy knowledge, engineering, MSP strategy. We’re channel-only. Our competitors sell direct. That would’ve been a dealbreaker 20 years ago. Should still be. You want a vendor committed to MSPs and the channel—Blackpoint Cyber is.
Images: Blackpoint Cyber
➡️ Want to learn more? Read why Blackpoint Cyber believes the CompassOne platform sets a new standard for MSPs.
