Kaseya has acquired Graphus, a maker of email security and phishing defense software.
The IT management solutions vendor announced the news at the start of its 2020 Connect IT conference, which takes place online this week. Terms of the transaction, which closed five months ago, were not disclosed.
The Graphus platform, which Kaseya has integrated with other products in its growing security portfolio, offers MSPs a potent defense against a significant threat as well as a new revenue-producing service to sell, according to Kaseya CEO Fred Voccola.
“We think that our MSPs can do some serious, good work with it and make some money in the process,” he says.
The Graphus solution, which protects both Microsoft Outlook Online and Google Gmail inboxes, uses artificial intelligence technology named TrustGraph to create user-by-user profiles of trusted email relationships based on an analysis of 50 attributes of an employee’s communications. The system then compares incoming messages to those profiles to determine how much danger they pose.
A feature called EmployeeShield places a large warning banner atop suspicious emails. A second feature called Phish911 proactively quarantines potentially hazardous messages for further investigation before they reach intended recipients.
Unlike some phishing security products, the Graphus solution doesn’t require users to deploy a gateway appliance or modify network settings. “It’s super simple to install and use,” says Voccola, adding that the system is significantly less expensive than appliance-based products too.
The product’s dashboard provides graphical, real-time metrics on email security. An associated reporting tool lets MSPs display that information on customer-ready reports.
Kaseya used the five months since purchasing Graphus to integrate its software with ID Agent’s Dark Web ID dark web monitoring service and BullPhish ID security awareness training tool. Kaseya announced its acquisition of ID Agent at last year’s Connect IT event.
Additional integrations with Kaseya solutions are currently in development, according to Voccola, who says that connections to cloud-to-cloud backup offerings for Office 365 and Gmail from the company’s Spanning subsidiary are “weeks away”.
Graphus joins the Kaseya family of brands at a time when threat actors are aggressively executing phishing-led attacks designed to exploit fears and confusion created by the coronavirus pandemic. Ransomware strikes alone jumped 109% on a year-over-year basis in the U.S. during the first half of 2020, according to data from security vendor SonicWall.
Kaseya first discovered Graphus through its internal IT department, which was looking for a defense against mounting business email compromise attacks. “We were getting dozens of very sophisticated and very good phishing attempts,” Voccola says, noting that some of them contained typos and spelling errors he often makes when writing too fast. The decision to buy the company came some 10 months after Kaseya deployed the Graphus solution internally.
“It’s just really good belt and suspenders stuff that’s needed,” Voccola says.
Like most of the companies Kaseya acquires, Graphus will operate as an independent subsidiary going forward. Manoj Srivastava, the company’s co-founder and CEO, will continue to lead the organization.
Beyond Graphus, ID Agent, and Spanning, other Kaseya subsidiaries with security products or related technology for backup and disaster recovery include RapidFire Tools and Unitrends.
ID Agent shipped a new identity and access management solution named Passly in April. That system is based on technology from Scorpion Software, the security vendor Kaseya acquired in 2014.
Kaseya, which is currently owned by private equity investors Insight Partners and TPG, has an initial public offering in the works for early 2021.