Managed services vendor Kaseya has acquired RocketCyber, a provider of managed SOC services to MSPs.
The deal adds outsourced security services to an IT Complete platform that already included solutions for identity and access management, dark web monitoring, network assessment, compliance management, BDR, and security awareness training.
Terms of the deal were not disclosed. Kaseya plans to spend tens of millions of additional dollars scaling up the company’s resources, and is already supplementing RocketCyber’s original security operations center in Dallas with a secondary facility in Miami under construction now. A third site for European partners is scheduled to open in Dublin in about 90 days.
“We are capitalizing that business at a very aggressive rate,” says Kaseya CEO Fred Voccola. “We think this is going to be a huge acquisition for us.”
Alarmed by high-profile news stories about data breaches and ransomware strikes, he continues, businesses are increasingly looking for IT providers capable of providing advanced security services. Already, some 20% of the clients a typical MSP supports are “hyper security conscious” organizations that demand access to a level of protection few channel pros have the money or skills to provide.
“Those 20% of your customers probably represent 50 to 60 percent of your overall business, and they tend to be the types of customers that are much more inclined to expand their technology footprint with you as an MSP,” Voccola says. “If IT Complete is going to be complete and our security suite of IT Complete is going to be the go-to security suite for our customers, we need to make sure that we have a solution that our MSPs can use to satisfy the needs of their most important clients.”
Officially launched last August, RocketCyber’s managed SOC service is a white-labeled combination of threat hunting, breach detection, and real-time monitoring of Microsoft 365 email accounts with log monitoring for Windows and macOS endpoints, network devices like firewalls, and both Office 365 and Azure Active Directory environments. The firewall log analysis service that RocketCyber introduced a year ago is included as well.
Subscribers also have access to threat remediation assistance from security analysts equipped to remove compromised devices from an end user’s network, mitigate vulnerabilities, and then restore network access when devices are once again safe for use.
In keeping with a model Kaseya generally employs when acquiring a vendor, RocketCyber will operate as an independent subsidiary under its original name. Carl Banzhof, the company’s CEO, and Billy Austin, its president, will continue to lead the organization.
“They’ll be heading up this business unit for us for the long term,” Voccola says.
Confidence in Banzhof and Austin played a significant role in Kaseya’s decision to purchase RocketCyber as opposed to other SOC-as-a-service vendors. “If this is done incorrectly, it can have catastrophic consequences for an MSP, says Voccola of managed security. “We feel very, very comfortable that we’re dealing with people who really understand the space.”
RocketCyber’s U.S.-based facilities and flexible solution architecture also influenced Kaseya’s decision-making. “It’s not always easy to predict what the next type of attack vector is going to be,” Voccola says. “The technology that runs [a SOC] has to be architected in such a way that it’s very malleable.”