IT and Business Insights for SMB Solution Providers

SaaS Alerts Launches Automated Threat Response Module

The new system lets the cloud security vendor’s MSP partners take automated action following incidents involving their clients based on customized rules and policies. By Rich Freeman

SaaS Alerts has added a third component to its growing cloud security platform for MSPs.

Called the Respond Module, the solution allows users to take automated action following incidents detected by earlier modules, based on customized rules and policies. The system can automatically evict users of a compromised Microsoft 365 account and ban further logins, for example, or re-apply multifactor authentication on users who have disabled it. 

“It acts as a robotic employee on behalf of the MSP,” says SaaS Alerts CEO Jim Lippie. The ensuing benefits, he continues, include faster action against security threats and increased technician productivity.

Automated actions supported by the Respond Module rules engine include the ability to block sign-ins, expire all logins, change passwords, and require MFA on next login. Users can set rules for specific organizations and accounts and configure rules to be active for specific start and end dates as well. 

MSPs receive notification whenever a rule is triggered via email, their PSA solution, or a text message. SaaS Alerts software currently integrates with PSA products from ConnectWise, Datto, and Kaseya.

The SaaS Alerts Respond Module is currently available in beta form. General availability is scheduled to begin July 1st. 

Pricing for the entire SaaS Alerts platform will rise for new buyers from the current $0.50 per user per month to $0.80 on that date. Existing partners will continue to pay the previous rate until their current agreement expires. All licenses include free monitoring of the MSP’s own domain and core managed services line-of-business systems.

First launched in August 2020, the SaaS Alerts platform consolidates and correlates security notifications and alerts from multiple SaaS applications, allowing MSPs to spot threats that a single system might miss. The new module announced today follows earlier ones for management and reporting. 

To date, SaaS Alerts has logged over 200 million events involving from more than 3,100 SMBs and more than 200,000 end users. The company has roughly 490 partners now, Lippie says, and is adding roughly 25 to 30 more a month. 

SaaS Alerts, which has what Lippie describes as a “very aggressive” roadmap for the Respond Module, plans to roll out three updates for the system by the end of the year. It has longer term ambitions to introduce further modules and enhance the capabilities of existing ones as well, resulting in what Lippie calls “a full suite of SaaS cybersecurity capabilities.”

“There are still so many things that we know that we can do,” he says.

For example, Lippie continues, the platform currently notifies users of Kaseya’s IT Glue documentation system and NinjaOne’s RMM software of potential vulnerabilities and compromises. By the end of the year, it will support all of the major RMM products on the market.

“That’s important, because we can help mitigate supply chain attacks from RMM systems, and that’s a major concern for most MSPs,” Lippie says. “They can’t live without RMM but at the same time RMM scares them to death in terms of how it can be used against them. So we want to do everything we can to mitigate that risk and help them monitor the tools that allow them to do their jobs.”

Last September, SaaS Alerts reserved $500,000 of a funding round worth up to $3 million for MSP investors in a bid to let channel pros participate in the success that their adoption and deployment of the cloud security startup’s solution make possible.

ChannelPro SMB Magazine

Get an edge on the competition

With each issue packed full of powerful news, reviews, analysis, and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.