In this episode, Adam, Daniel and Paul discuss important facets of the modern security landscape with a special focus on Managed Service Providers (MSPs). They explore how enterprise-level security services migrate to MSPs due to increasing adversarial threats. Paul, with over 20 years in the industry, delves into the evolution from antivirus to Endpoint Detection Response (EDR) and Managed Detection Response (MDR), emphasizing their operation and costs. They further discuss the pressing importance of securing SaaS applications like Microsoft 365, driven by the shift to cloud computing during COVID. The episode highlights the continuous battle between good and evil in cybersecurity and the importance of MSPs adapting their services to these evolving threats. Paul also provides insights into the rapid development and market introduction of new security solutions, underscoring the need for continuous education and strategic adoption of new tools by MSPs.
00:00 Welcome and Introduction
00:03 Understanding the Security Landscape
00:35 Evolution of Security Services for MSPs
02:10 Explaining EDR and MDR
03:45 Challenges and Costs for MSPs
05:01 The Shift to Cloud Security
06:18 SOC and NOC: Roles and Responsibilities
14:43 Impact of COVID on Security
17:29 Developing Security Solutions at Pace
22:00 Commercial Strategies for MSPs
28:52 Conclusion and Final Thoughts
Listen on Spotify or Apple Podcasts
Connect with Paul Barnes on LinkedIn by clicking here –
https://www.linkedin.com/in/paulwbarnes/
Connect with Daniel Welling on LinkedIn by clicking here – https://www.linkedin.com/in/daniel-welling-54659715/
Connect with Adam Morris on LinkedIn by clicking here – linkedin.com/in/adamcmorris
Visit The MSP Finance Team website, simply click here – https://www.mspfinanceteam.com/
We created It’s a Numbers Game Podcast to help MSP owners learn and understand how to build and maintain a financially healthy MSP business. In this podcast series, MSP business owners like you will learn the fundamental steps, the tips and tricks, the dos and don’ts to achieve MSP financial growth.
We look forward to catching up with you on the next one. Stay tuned!
Transcript
Dan: , Paul, welcome along to the podcast. Thanks for joining us. to start, I think we probably carry on where we left off in our conversation a couple of weeks ago at CompTIA,which was a fascinating,insight into a new strand of the security landscape. Where we arrived at, which is, does everybody actually know,all of the strands what the security landscape looks like.
Dan: So, perhaps you could take us through it from the ground up.
Paul: Yeah, absolutely. Yeah. Thanks, Daniel. yeah, so, it’s great conversation. We had to come to you. It’s a great show as always there, but I think one thing which. coming from the vendor side, and I’ve been doing this for probably about 20 years, you see the breadth of security services now out there and what typically happens what we’ve seen over the years of MSPs is that you’ve got all these enterprise level security,categories, and they eventually find the way into the MSPs hands.
Paul: And it’s quite often through necessity based on, the new,adversarial threats out there so that the bad guys trying to get into the MSP’s customers. And so, yeah, there’s certainly a rapid evolution going on. I started work with MSPs in probably 2015,with WebRoot, of course, and,antivirus was probably one of those checkbox items back then, and it still continues to be, there’s an evolution of antivirus into EDR, but it’s really just You get your RMM, you get your ticketing system, your PSA, you get your,AV antivirus, and then you back up disaster recovery.
Paul: And that was kind of the suite which you kind of went out as an MSP and,served your customers. But, you know, over the course of, now coming up to 10 years, you see the emergence of a lot. More,items like you kind of look at the user side from security awareness training.
Paul: you know, that’s kind of becoming a de facto part of the MSP’s portfolio. I mentioned EDR, but also MDR managed detection response. This is, you start to see a lot of MSPs now kind of understanding challenges with being that security expert and the costs associated with building out your own security teams.
Paul: The turn to vendors for things like MDR and identity access management, you know, the variety of
Adam: I didn’t want to stop your flow there, but could you, again, for the benefit of our listeners in general, just explain what EDR and MBR are.
Paul: Yeah, absolutely. So yeah, take that for granted because I’ve been in this space forever and EDR, Endpoint Detection Response. So antivirus is all around. Hey, we spot a bad thing, which we know about, let’s go and block it. EDR kind of was raising those question marks around behaviors and other things which might be going on, which is not as simple to solve around.
Paul: Hey, we know this file is bad. It’s more looking at the more activities around the endpoints. So the desktops, the laptops and servers, let’s say. And so that was really the EDR endpoint detection response was feeding all that information,back to someone to make a decision around Whether it’s malicious or not.
Paul: And so, you know, that’s a lot of work for someone to be at the other end off to see all these events. And that’s kind of the evolution of MDR managed detection response. And that’s where you have someone like in from a vendor perspective, like, handling that on behalf of the customer. So they’re managing that.
Paul: the stream of events making those decisions on, Hey, this behavior looks malicious. This user has been seen to traverse the network which looks like an adversarial activity.
Adam: And is the difference then,one is around code and the other is around behavior. Or a trend.
Paul: think both EDR and MDR focus on behaviors. AV
Adam: so antivirus being,based on code detection of a certain type of code. whereas EDR MDR based on some level of behavior or trend.
Paul: Exactly, in simplistic terms, and of course antiviruses have evolved, so those folks which have been in the antivirus market forever typically have EDR capabilities, but from an MSP’s perspective, these are extra pounds they’re having to pay for these solutions, they might have bought an antivirus for maybe 1 per user per month, then an EDR will come in at 2 per user per month, and MDR these days is like 5 per user per month, so, It’s struggle as an MSP to kind of go back to customers to ask for more money for security, which have already sold once and having to go back a second or third time as the threats diversify and get harder to stop.
Adam: will my EDR or MDR include my AV?
Paul: So that’s kind of, it’s like a super set on top of, So that’s,yeah, there are a couple of exemptions in the market, so you still get the consumer antiviruses, which,MSPs seem to be attached to because they’re not willing to pay the extra pounds to get better protection.
Paul: So, there are still those knocking them out. And there’s even great antivirus baked into the OS. So Microsoft Defenders. Doing a pretty good job. So there’s a lot of choice there, but,carrying on that kind of thread around the variety. There’s just a vast number of categories and solutions out there.
Paul: And,over here, we’re addressing a new category. one of the things we’ve seen over the years is that the threats, the malware out there starting to shift So there’s less. malware from adversaries. It’s more on getting access to the data directly from their sass assets.
Paul: So it could be,you know, within the Microsoft 365 for the Google suites, the sales force, any of the CRM. They’re going after that, because that’s where the data is, because I know if they go on the end point, They’re only going to get a subset of the data, but if they can go to the source of the cloud,that’s where the gold is for them.
Paul: So that’s where really OVA is focused. And that’s an additional category, which the MSPs need to start to address
Dan: back one step again, just for our audience. I think we’re going to produce quite an interesting reference,episode here for anyone that’s,new to, or getting into the security side of MSP life. we talked about. Manage,detected response.
Dan: so this is a person,or is it automated? because you mentioned the MSP having to pay a pound and then two and then three and then four and five, but,also it’s the time that they’re having to spend,looking at this noise and also not every MSP,works. 24 hours a day, seven days a week.
Dan: So, is this where we get to,XDR,and tell us about SOC as well. where do these all mash into the antivirus and the super antiviruses?
Paul: yeah, and this is why I really, empathize with the MSP. So many acronyms, so much to kind of consume. And a lot of this has been driven by, the enterprises, mid market, they’ll talk about XDR, they’ll talk about SIMs and SOCs and the MSP starts to worry, do I need to do this? And,are my customers going to be demanding this?
Paul: And,really just to kind of boil it down,and trying to simplify this down. So really,when it comes to things like XDR, There’s still there’s emphasis and socks. If the MSP is going to be doing that themselves, it’s an incredible cost for them to build out their own security teams to monitor and manage this.
Paul: And so this is really where I like to say the MDR is really the way that MSPs are now shifting towards, you know, relying on a trusted vendor to kind of handle that white glove service where they will essentially consume the alerts, make the decisions on their behalf. And allow the MSPs to kind of just focus on that, that nine to five offering the kind of I.
Paul: T. support and the security. Monitoring and response sits on the shoulders of the MDR, and that’s why they pay that premium for that. So, yeah, XDR is, yeah, a lot of analysts will talk about those, and I’m sure there’s MXDR, there’s all sorts of spins on that, depending on what the CMO comes up with in each of these larger vendors.
Dan: chief Marketing Officer, CMO,
Paul: yeah,Chief Mark
Adam: what does X stand for in X, XDR? And,
Paul: extended, depending which vendor you speak to, so manage extended, and this is their way of saying, Hey, we’re looking at the cloud. We’re looking at the end point. We’re looking at the network. We’re looking at these things. this is an important thing to questions for MSPs MDR vendors or any security vendors.
Paul: What’s your breadth of coverage? Are you going to look at my? and points you’d expect them to. Are you going to look at any of the network devices? So networks are evolving, but still some will look at the firewalls as well. Are you going to look at the cloud? And what does cloud mean? Is it cloud infrastructure like Amazon AWS or GCP and Google Cloud Platform?
Paul: Are you going to, or is it cloud as in looking at my SaaS applications? And that’s the SaaS applications where the actual productivity where the end clients are really working on. That’s the gap because,not many vendors will go down to the depths of looking at. that area. And again, when we’re talking about the MSP and SMP world, that’s where they’re doing the day to day business in the SaaS apps and not spinning up instances in AWS and building their own apps.
Adam: and what if we’re talking about SOC, if I have a MDR, then by definition, do I have a SOC?
Paul: in depending which vendor, so here’s, again, it’s another dimension, depending which vendor in the MDR space you speak with,some will kind of offload the decision to, they’ll make the decision about whether something’s bad or not, but they’ll offload the,response to you as the customer to say, Hey, we’ve found something bad.
Paul: You go and resolve it,because they don’t want to do it or they don’t have the capabilities or as part of their kind of playbooks. Others will be a bit more kind of.hands on and hey, we’ll take care of it. and that you find them more typically in the MSP space because MSPs a lot will be like, yeah, we accept that risk that you might occasionally one out of 100 times get it wrong in the enterprise spaces.
Paul: feed it into their SOC, the security operations team, to ultimately make that response change.
Adam: So there’s a SOC,is a SOC when they handle the response as well as the detection.
Paul: they’ll do the full monitoring and response. But there’s varying degrees of how deep,and broad they go on things. So it’s important for MSP as you’re having these conversations to ask those important questions. ask the vendor to lay out exactly what they cover,so then at least when you’re having conversations with your clients, you can get over there fully armed with like, this is where the line is drawn,with the service.
Adam: and with a SOC service by definition, would that dictate the level of MDR or XDR?within that service or can the two be independent of each other?
Paul: I’m sorry, I didn’t quite,
Adam: so a human component to this. There’s a technology and software component to this. Are they intrinsically wrapped together or can the detection and response be separate to the software?
Paul: typically it’s all wrapped together. what the MSPs are using these days, although,there’s different varieties. we’ve engaged with MSPs, which, will have their SIM. their own kind of logging platform and they’ll collate it and they’re just looking for extra help to kind of manage those responses.
Paul: So it’s different flavors but I think the market for the MSP is coalescing around, the full package where, they will work with a single vendor to, handle that soup to nuts so to speak.
Adam: And
Paul: And that’s highly recommended because of the economics of it.
Adam: of course, and the accountability.
Paul: And,that’s another important question to ask the MDR vendor is just around SLAs and,where, and many of them will have their own kind of playbooks or engagement guides where they’ll say, Hey, this is kind of what we’ll do in case of an event. and it’s very important that you as an MSP understand that.
Paul: Yeah, because,The cure,worse than the disease in some ways, because the action that might be taken,could actually create a whole load of,
Paul: yeah.
Dan: how does the MSP handle that with there?
Dan: They’ve got to be clear that, you know, we’re, this is serious stuff. and we might have to do some serious things to protect you. whether It turns out that it’s a, it was a problem or not a problem. but,we do some stuff and it’s, there’s going to be a destructive element to it and it’s going to cause downtime and disruption.
Dan: So, are you the client happy to accept that,you know, this may happen.
Paul: Yeah, that’s the worst nightmare for any vendor and having been in the antivirus world for a little while and blue screening whole networks. And I think every vendor in the space, has a disaster over time where they’ve had a rogue update or a incorrect decision on a file and you see, whole networks go down.
Paul: So, yeah, it’s important to know those rules of engagement and,where. And there’s exceptions, which can be made with vendors. So you can say, Hey, I don’t want a response action happening on this first responder client, for example, because it’s handling the call centers for 999 or whatever it might be.
Paul: So we don’t want that. Just let us know. We’ll deal with it. Others will be a bit different. And you. Give them full reign to kick the adversary out.
Dan: So they go listeners. Socks are not just for conferences. there’s a real thing with people there.
Adam: and to what degree does this become harder to get your head around from a management and control perspective when you’ve got an outsourced NOC, as well as an outsourced SOC and they’re different organizations.
Paul: Well, that’s always a challenge with Nox and Sox. Like just getting those two working,in tandem. it’s a hard one. I think,when you outsource such an important operation like the, like MDR side and,ensuring there’s no conflict with,The day to day what you might be doing on the network side.
Paul: these are all kind of part of the planning process for an MSP to ensure that they’re not going to cause more issues than good.
Dan: So I guess we sort of interrupted you when you were describing the security landscape. we sort of hijacked you a little bit The SOC and the NOC, or to SOC or not to SOC, and,you were telling us,about,the source data now being The prize rather than the endpoints or the local networks.
Dan: And of course, it makes sense because actually we have shifted away from networks, which originally you’re protecting something internally. it feels to me like this is unusual that we’ve not already thought of this and been thinking of this for some time because we’ve had,Office and now Microsoft 365,for some years.
Dan: So, is this just,the industry sleepwalking into a problem or,have things, you know, has there been another trigger event given us this situation?
Paul: Yeah, I think Covid was one of those events, which was,what would forcing,sorry, I’ve lost my words there. it forces into the, into the cloud, right? So, businesses were forced away from their traditional offices and their networks. And the data shifted to the cloud.
Paul: and with that, there’s a rapid rise of usage and data in there. I think keeping productivity was the first objective for most businesses. And,you know, the security aspect, it often is history kind of dictate that security often follows.
Paul: we’ve managed to solve a lot of the business problem, Ensure that the risk is,mitigated with proper security controls. And there’s a lot of examples we’re seeing now, and we recently did a demo and a webinar on this, where, things which customers have been telling us, Hey, super secure.
Paul: You can’t get around by MFA, for example,that’s something which now adversaries are able to get around if the conditions are right. And so, maybe COVID and other factors and,just the vendors from, the productivity suite there, they focus all their efforts on cloud apps rather than, native installed applications.
Paul: So, you don’t see many vendors these days having installable apps. You don’t see new startups say, Hey, here’s some new software to install to do this marketing. Activity. So everything starts in the cloud. And so, that’s really just happened exponentially. the focus for the MSPs has been trying to enable that for the clients over the last couple of years and,enablement, productivity, getting their businesses set up correctly
Paul: it’s been primary. And then, yeah, obviously, security’s kind of lagging behind on this. it’s a great opportunity for MSPs to get in front of this and,show that the maturity of the thinking around, mitigating the risks. like I said, there’s a lot of examples now coming out,around.
Paul: Those threats folks in,on SAS and it happens daily. And like, if you think about ransomware,a few years ago, that was kind of the worst thing ever. It’s like, yeah, it’s going to encrypt all the files on the endpoint and,or on the server and things like that. Just terrible thing to happen, but most businesses now get hit by ransomware.
Paul: There’s going to be some impact, but A lot of the data’s in the cloud. And so as long as they’ve got,the right,retention on the cloud,files and they’ve got backups then the risk is starting to diminish. it’s not eliminated.
Paul: It’s still a risk there, but that’s where the adversaries are focusing more is away from that end point.
Dan: So that just a continued ongoing underlying battle between good and evil rages on as it always has done that the bad actors and the good actors could continually evolving and therefore eventually that will result in a new. Dr. Maybe,will be next,or a DR,when we start going through the alphabet again.
Dan: but yeah, so, it strikes me then that,the pace of this,and one of the topics,we covered off,before and I think great subject for our audience as well, is thinking about just the sheer pace of the development of the.
Dan: Problem as well as then the development of the solution, such as yourself. and how you actually identify a problem, confirm the market, create a solution, approach the market. and you do all of that at pace as well, I think is just fascinating. and the fact that you are moving at such speeds,You know, it’s not unsurprising that occasionally there are boo boos and,perhaps solutions arrive at market a little bit before fully ready.
Dan: perhaps talk us just a little bit about your experience of spotting a problem and working through that. So I think it’d be really interesting. for our listeners to understand a little bit about the challenges and opportunities that vendors have and how they go about,tackling those.
Paul: Yeah, that’s a great point. And like, going back to 20 years where software design life cycles, SCLC, all these kind of waterfall methodologies were kind of rife and you know, because vendors used to do an annual,release of products. You probably remember walking into your PC world to get your next version of Norton or something like that, because that was the pace of updates.
Paul: And then now it is literally, I mean, we’re releasing weekly, but that’s kind of in a very extreme kind of release cadence. And package things up,in a way that it’s not hidden from the customer up until a point, but that’s the extremes, which we’ve got to, and really From identifying the problem,I think this is where it’s the agility,understanding the market, and we’re very fortunate because we spent so much time with this market, so we had a leg up on, understanding the personas and,the pain points,and iterating through with the customers around, especially with,new technologies that, Really, how big an issue is this problem?
Paul: Where is that trajectory of that problem going? And so as Ovir, and you know, my background is in product strategy, product management, this was kind of, we spent six months building interactive prototypes of, hey, if we were to build this solution,would this solve the problem and getting the feedback there?
Paul: this is where the markets and software developments moved to. It’s like, really. Building those kind of high fidelity prototypes to be able to test the market, iterate quick with customers. And like I said, literally releasing weekly on updates. And yet we occasionally release products before that,the fully bait, but,this is a very measured approach and,having that constant communication with the customers is key.
Paul: And, you know, we’ve had our beta products,premium paid service in beta for probably six months. By the time this podcast goes out, it’ll probably be launched. So in mid May, we’re looking to launch that and so, but that’s gone through a lot of evolutions. We’ve got it wrong in some places and just being able to kind of rapidly, Evolve things and design on new platforms.
Paul: So we’re blessed with new platforms. AWS has come on a long way. So they know you don’t have to build your own machine learning models from scratch anymore, or AI kind of off the shelf. And this is really where we do the data process. So there’s a lot of things which have made it easier,for vendors to build it, but it comes with understanding.
Paul: The market, the problems, the personas, that trajectory of that problem. Is it going to get worse? and one thing which I’ve talked a lot about with other vendors as a kind of advise them or private equities is really around, What’s the willingness to pay in the share of wallet, which I’d like to say so if we were to solve this problem, like, are there pounds there for us to either take from another solution?
Paul: So does this replace another solution? Or are we going to be asking MSPs, our target customers to demand more money from their clients? And so both situations, kind of have different dynamics and, have different successes either. So if you’re asking for new pounds, so a new solution, like as we are going to be asking for the new pounds, we don’t replace anything there.
Paul: So it’s kind of a greenfield,for us in a way, but that’s an extra conversation, which the MSP needs to have with a client. And we need to arm them with why this is a problem, where it’s heading, what’s the risk to the customers. And this is the same with any product you bring into market. But it’s especially felt I feel with the MSPs because you’re not only having to sell to them and get them convinced you have to arm them to obviously get that to their customers.
Adam: And actually you’ve touched on an interesting point there, which is around the commercials from an MSPs perspective, because they’ve been having discussions with their clients now for years about the need to continuously,buy new products and upgrade, just. To stay abreast of all the threats.
Adam: And just when they think they’ve got everything they could possibly need with their XDR and their education programs and their AV and the knock and the sock and everything, you come along and say,now you need to buy the three, six, five protection as well, because that’s not prop and they’re going, come on, give me a break here.
Adam: Right. So, so what would your advice be? as a strategy to your market here to help them sell yet another,rung of security to their clients.
Paul: Yeah, it’s tricky, but it’s always really starting around the problem and making sure the customer really understands what the problems that you’re trying to solve. I think with, the SAS problem, it’s quite clear that,we’ve been helping MSPs in the past. where have you shifted your focus over the last few years?
Paul: it’s more onto the SAS application. what protections do we have in place there? And like the vendors, the SAS vendors, like the Microsoft, they’re doing,trying the best to secure them, but there are threats there. There are hacks. you’re going to see them in the press.
Paul: You see it every week. There’s going to be a new SAS app, which has been breached new credentials out on the web, new data being off. So it’s really. There is a bit of fear monger, and I say a little in this, but it’s reality is that this is where the shift has happened. And so it really starts with that problem.
Paul: And then,for the MSP,arming them with,Here’s how we’re going to solve it. Here’s we can make them money. obviously we can help them solve the problem, but equally we can generate additional revenue for them because most of the MSPs will mark up the price by, 150 percent or whatever that typical,markup is.
Paul: so they’re incentivized to, have those conversations as
Adam: and just thinking about it as well,there’s a shift, isn’t there, from what they’re asking their clients to spend on traditional on prem business continuity, right? A lot of that revenue has moved to security now. so I guess part of this is about,explaining. Well, you know, almost for every new product that they need to pay for something falls off the back end, perhaps.
Adam: and certainly clients, used to be spending thousands with their on prem business continuity solutions. They don’t need to do that anymore. So, it’s moving to some of these other markets and opportunities. Dan’s shaking his head a little bit.
Adam: When I said they don’t need to do that anymore, Dan, I didn’t say they don’t need to do that at all.
Dan: really interesting actually, and I was just thinking back to some of the early conversations I had,around,m oh, office 3, 6 5 as it was called then in terms of, replacing the exchange server before you had the cycle of exchange server upgrades. and then you probably had some kind of security products like,redundancy if the exchange server was offline,malprotection,anti spam and,emergency mailbox and that sort of thing. But,of course, when we started talking about, Office 365.
Dan: It was like, well, actually you won’t need that now because,it’s all in the cloud. it’s just someone else’s computer. It’s not there. There is no cloud. But,you know, the customer part of that decision for the customer was to sell, right? Yeah. Okay. Well, I’ll go to Microsoft and they’re pretty safe, right?
Dan: And then,Oh, yeah,actually, we’ve been reading the terms and conditions and Microsoft don’t actually,look after any of the data or take responsibility for the data. So now you need this backup. and actually turns out it does have anti spam in there, but you know, they’re a third party ones.
Dan: And so actually probably need that. So, as much as things drop off, almost,going back to that,framing with the client Actually, this is never going to end,the good versus evil battle is going to rage on, As your MSP, our job is to curate whatever the current crop of technologies are.
Dan: Some of those will be very new and expensive and we’ll take a view that actually the gain that you get from them probably isn’t, you know, we wait six months, we wait a year until OVAIR is ready and, you know, out of beta,and then we’re going to add it to our stack and then we’ll let you know what the incremental difference is or whatever.
Dan: And I guess,that would be how I would talk to my end client to really set their expectations. a little bit of FUD there in so far as actually, yeah, that I can’t make all of the bad stuff go away. But,rest assured that our approach to this is going to be in a balanced, way.
Dan: does that resonate with you, Paul?
Paul: Yeah, no, absolutely does. And,yeah, just on the commercial side, I remember having a conversation with an MSP around, Hey, you know, I’m losing, I think it was like 25 pounds per server per month because I’ve moved. Moved stuff off, like the decommission, the file, serve, print, serve, and all that, those kinds of things.
Paul: So, well, but if I those lost pounds, I can kind of wedge you into that conversation. And cause things have changed. It’s like you said, that things have been replaced, things will always evolve. And, you know, we’re acutely aware of how hard that conversation isn’t showing the problem.
Paul: That’s why we built a freeze product. So the free product is really there to help have that conversation. Kind of constructed conversation with the customer to say, Hey, here’s a list of your problems because we do the whole kind of, Hey, look at the posture. Look at all the settings. You’ve not turned on my face turned off.
Paul: We do Benchmark so we can do compliance. mapping for them to say, Hey, here’s the kind of compliance and they could do this for free and sell that as a service and really mature the clients thinking, okay, we’re on this journey. It’s not this kind of switch this thing on and we solve we’re on this journey with security and but this is kind of helping us understand that.
Paul: And I think that’s what a lot of clients need is that rather than MSP rocking up and saying, yeah, you need this other security and then coming back next. quarter.
Adam: I
Paul: You need to show them that journey of like, Hey, you’re here. We want to get you there. to do this, it’s going to take this investment.
Paul: You’re right. down around the risk and,whether it’s worth taking, and this is something for the business to look at it. If they feel that they can swallow that risk and it’s not worth paying, you know, for us, it’s like less than a couple of pounds per user per month. if they. Don’t want to do that because it balanced it and said, look, we can’t swallow that.
Paul: Then that’s fine. That’s but we’ve the MSPs had the opportunity to show them where they’re at, where the risks are, and maybe the MSP can even turn around and say, Hey, look, because we’ve identified these risks, if anything happens in these areas of risk, then, you know, don’t be kind of blaming us because,yeah.
Adam: I really like that approach where you’re working closely with the community who can then work closely with their clients and the clients can start to understand it because it, it’s very difficult to expect, you know, their market to, to really understand what’s going on here. So if they can see it, they can see some, you know, reports and charts and have it explained to them.
Adam: That’s going to be very helpful. I think we’re out of time, Dan.
Dan: I think we’ve already done a little bit of it though, thankfully,
Paul: I was trying my best. I’m not a sales guy. I’m not a sales guy, but yeah, I’m plugging it as best as I can. no, thanks guys. And,like I said,you know, we’re a video. You can come to our website. You can choose a free tool. No sales guys. Just go and connect to it and see what you,
Paul: Can I do that one again?
Dan: I thought it was alright.
Paul: Okay.
Dan: There’ll be a little bit of editing here, but
Adam: tell you what, just do it again and then I’ll decide which one’s better.
Paul: thanks guys, for the opportunity to speak. overe.io that we have a free tool. And like I said, we want to kind of work with you on this journey of, understanding and education around security for your SaaS, environments, your client SaaS environments.
Paul: So use a free tool. And then if you feel you want to progress, we have the pay tool available now. We have early adopter. Program in place. So we have great discounts and we’re onboarding MSPs daily onto this. And, you know, we’ve got a lot of great feedback
Paul: So we will monitor and, alerts and, give you kind of curated information around the threats. And, I know it’s something we’ve already done for Daniel in one case. So, yeah, that’s us. Thanks guys.
Dan: Excellent. Paul, it’s been a real pleasure, having you on the podcast and, I’m sure we’ll speak again very soon, as the constant, evolving, threat landscape and marketplace, continues thanks ever so much for your time and, hopefully see you very soon.
Paul: Been a pleasure guys. Thank you.
Adam: Thank you.