#microsoft #corporate

Strategic Alliances in the Security Industry: Products, Services and Channels

by Charles Leaver

January 30, 2018

access_time 8 min read

Nobody can solve cybersecurity alone. No one product company, no one service provider, no one can tackle the whole thing. To tackle security requires cooperation between different players.

“Paradoxically, not only can vendors make more money through strategic alliances, but end customers will save money at the same time. Why? Several reasons.”

Sometimes, those players are at different levels of the solution stack – some install on endpoints, some within applications, others within network routers, others at the telco or the cloud. Sometimes, those players each have a specific best-of-breed piece of the puzzle: one player specializes in email, others in crypto, others in disrupting the kill chain.

From the enterprise customer’s perspective, effective security requires assembling a set of tools and services into a working whole. Speaking from the vendors’ perspective, effective security requires strategic alliances. Sure, each vendor, whether making hardware, writing software, or offering services, has its own products and intellectual property. However, we all work better when we work together, to enable integrations and make life easy for our resellers, our integrators – and that end customer.

Paradoxically, not only can vendors make more money through strategic alliances, but end customers will save money at the same time. Why? Several reasons.

Customers don’t waste their money (and time) with products which have overlapping capabilities. Customers don’t have to waste money (and time) creating custom integrations. And customers won’t waste money (and time) trying to debug systems that fight each other, such as by causing extra alerts or hard-to-find incompatibilities.

It’s the Trifecta – Products, Services, and Channels

All three work together to satisfy the needs of the enterprise customer, and also benefit the vendors, who can focus on doing what they do best, trusting strategic alliances to create complete solutions out of jigsaw puzzle pieces.

Generally speaking, those solutions need more than simple APIs – which is where strategic alliances come in.

Consider the integration between products (like a network threat scanner or Ziften’s endpoint visibility solutions) and analytics solutions. End customers don’t want to operate a dozen different dashboards, and they don’t want to manually correlate anomaly findings from a dozen different security tools. Strategic alliances between product vendors and analytics solutions – whether on-site or in the cloud – make sense for everyone. That includes for the channel, who can offer and support complete solutions that are already dialed in, already debugged, already documented, and will work with the least fuss possible.

Or consider the integration of products and managed security services providers (MSSPs). They want to offer prospective clients pre-packaged solutions, preferably which can run in their multi-tenant clouds. That means that the products must be scalable, with synergistic license terms. They must be well-integrated with the MSSP’s existing dashboards and administrative control systems. And of course, they need to feed into predictive analytics and incident response programs. The best way to do that? Through strategic alliances, both horizontally with other product vendors, and with major MSSPs as well.

What about major value-added resellers (VAR)? VARs need products that are easy to understand, easy to support, and easy to add into existing security deployments. This makes new products more appealing, more affordable, easier to install, easier to support — and strengthen the VAR’s customer relationships.

What do they look for when adding to their product portfolio? New products that have strategic alliances with their existing product offerings. If you don’t fit in to the VAR’s portfolio partners, well, you probably don’t fit in.

Two Examples: Fortinet and Microsoft

Nobody can solve cybersecurity alone, and that includes giants like Fortinet and Microsoft.

Consider the Fortinet Fabric-Ready Partner Program, where technology alliance partners integrate with the Fortinet Security Fabric via Fabric APIs and are able to actively collect and share information to improve threat intelligence, enhance overall threat awareness, and broaden threat response from end to end. As Fortinet explains in their Fortinet Fabric-Ready Partner Program Overview, “partner inclusion in the program signals to customers and the industry at large that the partner has collaborated with Fortinet and leveraged the Fortinet Fabric APIs to develop validated, end-to-end security solutions.”

You can read about Ziften’s strategic alliance and offerings with Fortinet here.

Similarly, Microsoft is pursuing a similar strategy with the Windows Defender Advanced Threat Protection program. Microsoft recently selected only a few key partners into this security program, saying, “We’ve heard from our customers that they want protection and visibility into potential threats on all of their device platforms and we’ve turned to partners to help address this need. Windows Defender ATP provides security teams a single pane of glass for their endpoint security and now by collaborating with these partners, our customers can extend their ATP service to their entire install base.”

You can read about our work with Microsoft here.

We’re the first to admit: Ziften can’t solve security alone. Nobody can. The best way forward for the security industry is to move forward together, through strategic alliances bringing together product vendors, service providers, and the channel. That way, we all win, vendors, service providers, channel partners, and enterprise customers alike.