Kaseya’s AI Surprise

Something surprised me about the bombshell Kaseya dropped at its DattoCon 2024 event in Miami this week, but it might not be what you think.

It’s not that the company had a bombshell to drop in the first place. CEO Fred Voccola told me (as I told you) all the way back in July that there was a “monster, monster, monster announcement” of some kind on the way.

It’s also not that the announcement in question turned out to concern security. Global spending on security services will rise 12.9% this year to $163.3 billion, according to Canalys, and security is kind of a thing among managed service software makers as a result. N-able’s competitive strategy, for instance, is “anchored” in security, according to CEO John Pagliuca in an interview with Channelholic last week, and ConnectWise has just hired a new CEO with deep security experience and ambitious plans to grow the company’s security portfolio.

That the news Kaseya made this week involved selling thoroughly integrated software at very low prices wasn’t a surprise either, given that:

Integration is how Kaseya plans to dominate the market for everything MSPs buy.

The last bombshell Kaseya dropped, late in April, was the launch of Kaseya 365, a new service offering RMM, backup, antivirus, EDR, and other things MSPs need to support endpoints for just $3.99 per device per month or an eye-popping $1.75 a month if you opt out of the solution’s MDR component.

Kaseya 365, Voccola made clear when unveiling the solution, was the first step in a larger campaign aimed at raising the average margins he says MSPs earn today (10%) to the average margins earned by accountants and lawyers (35%).

So no, it wasn’t a total shock when Voccola lifted the curtain Tuesday on a tightly integrated user security solution offering a lot of functionality at a very low price. Called Kaseya 365 User, it combines SaaS backup, anti-phishing, dark web monitoring, and security awareness training, plus cloud detection and response functionality via technology acquired along with SaaS Alerts (a company we’ve written about here from time to time and will discuss some more below).

The whole thing sells today for a promotional $2.79 per user per month, which will rise to a post-promotional $3.75 later. Kaseya believes those prices will save subscribers $4 to $10 per user every month on top of the roughly $10 per device per month they’re already saving if they use Kaseya 365 Endpoint, the new name of the original member of what is now, I guess, the Kaseya 365 family.

Impressive, but still not surprising. The surprising thing about Kaseya 365 User, for me at least, wasn’t its price or the profit implications of that price or the integration or the fact that it’s a security solution. It was how much Kaseya emphasized AI-powered automation when unveiling the new product.

Yes, Kaseya cares enough about AI to have spent five years and a lot of money building a private, custom AI platform called the Cooper Intelligence Engine, and yes, Voccola (pictured) spoke about the dozens of pre-built, AI-based automations included in Kaseya 365 Endpoint when announcing that product in the spring.

But the company’s never foregrounded AI as a core part of its competitive strategy as much as it did this week, or as much as ConnectWise, Atera, Syncro, and others in the managed services software market have in the past. To the contrary, Kaseya was at pains during last year’s DattoCon to emphasize how careful it was being about AI in light of its security and hallucination risks.

And then, in a development that surprised Kaseya itself at least as much as me, AI and automation rather than the pricing turned out to be the “most favorite part” of Kaseya 365 Endpoint, according to Voccola, among the roughly 6,800 MSPs that have deployed it to date.

“We expect the same with User,” he says. “Automation is the name of the game.”

Which is why chief product officer Ranjan Singh and IT ops suite general manager Nadir Merchant both spoke at length during keynotes this week about recent and forthcoming updates to Kaseya’s AI technologies, which now include the Cooper Insights “performance optimization” tool, the Cooper Bots RPA platform, and the genAI-powered Cooper Copilots family.

Voccola has great expectations about the impact those tools will have too. “We believe that by the end of 2026, upwards of 70% of the repetitive and mundane things that an MSP does, which is most of what they have to do, will be completely automated by a Cooper Bot and then proactively driven by a Cooper Copilot,” he says.

As a result, Kaseya has raised its MSP margin ambitions. Why stop at 35%?

“We underestimated what this industry can and should be,” Voccola says. “If we automate effing 70% of the mundane, manual things [MSPs] do, where we want this industry to be by the end of the decade is a 45-to-50-point profit margin business.”

Thanks for reading Channelholic! Subscribe for free to receive new posts and support my work.

And remember: It’s only halftime

When Voccola told Channelholic that there was something big coming in October, he also said that would be the second step, after the Kaseya 365 Endpoint rollout, in a four-step process aimed at realizing that now outdated 35% margin goal.

This is me speculating more than Kaseya confirming, but based on the pattern they’ve established of introducing one of those steps every six months or so at one of the vendor’s major conferences, I’m guessing that step three arrives in April at next year’s Kaseya Connect Global conference in Las Vegas and step four debuts at DattoCon 2025. Brace yourself for more bombshells.

Minding the COGS

Those 6,800 K365 Endpoint subscribers I referenced earlier are up from 4,000-plus as of July. They’re also way, way above Kaseya’s initial projections, according to chief revenue officer Mike Sanders (pictured).

“We thought we might get 2,000, 2,500 people to adopt it in the first year and we blew through that very, very quickly and had to readjust all our goals,” he says.

Sanders expects Kaseya 365 User to be even more popular than its predecessor, moreover, thanks to lower adoption barriers. “People are less married to some of the things that are in User than we found with Endpoint,” he says, citing RMM software in particular.

That’s good news for Kaseya—unless its (many) critics are correct when speculating that K365’s rock-bottom prices mean the company loses money every time it makes a sale. Kaseya emphatically denies the suggestion, but it’s hard to blame people for wondering given how thoroughly counter-intuitive assertions like this, by Voccola, can sound to people outside the company:

“We have found a way where we can spend more on R&D, charge less for more products, and make more money.”

Granted, it took Kaseya a decade to perfect that formula, according to Voccola, but how can it possibly add up?

The linchpin, Kaseya execs say with great consistency, is an obsessive-compulsive fixation on cost of goods sold. Sanders still remembers what an adjustment that discipline required when he became general manager of Kaseya’s Unitrends business five years ago.

“There was just a relentless pursuit of ensuring that we were being as efficient as we possibly could,” he recalls. “I reported it monthly and we set goals on it and we would drive to those goals.” He wasn’t reporting to some bean counter in finance either. COGS was then and is now a constant topic of discussion in Kaseya’s C-suite.

OK, I asked, but what comes out of those meetings that somehow makes $1.75 an endpoint possible?

“There’s no magic bullet or secret recipe,” Sanders replied. “When we do these acquisitions, we start to immediately, immediately look to see where we can leverage our economies of scale. We’ve got a tremendous amount of talent on our data center side, on the infrastructure side, and we’re able to bring all of that to bear.”

Maybe you’re paying separately for software Kaseya already subscribes to, says Sanders by way of example, or you’re paying more for compute with a public cloud provider than you would leveraging Kaseya’s own cloud instead. Startup founders and growth-stage executives don’t spend a lot of time thinking about such matters as a rule. Kaseya does.

“Engineers like to build features and functionality. That’s what they like to do,” Sanders says. “We’ve got to make sure that we’re staying on point with the things that make it commercially viable for us to do the things that we know are disruptive and move the needle.”

Share

SaaS security is security

Endpoints are still big threat vectors, of course, but I’m increasingly of the mind that user security and cloud security are swiftly becoming synonymous with security period these days. Latest stat in support of that thought: For every on-prem security attack Blackpoint Cyber’s SOC records these days it records 16 cloud attacks, the vast majority of which target Microsoft 365, according to CEO Jon Murchison during a DattoCon interview this week.

Channel partners are seeing the same thing, apparently, based on the results of a research study I wrote recently on behalf of SaaS Alerts, which found that MSPs consider cloud vulnerabilities a bigger threat than ransomware these days.

(And yes, full disclosure, SaaS Alerts is a client of mine via Channel Mastered, the consultancy I’m part of, but the terms of that engagement neither include nor imply coverage in Channelholic. Heck, they didn’t even tell me they’d been acquired before Kaseya did.)

I’ve long wondered why so few vendors that partner with MSPs have caught on to where the danger is today. SkyKick, which ConnectWise now owns, has a cloud security product, and Augmentt, Auvik, Blackpoint, and Huntress, among others, address the issue in one way or another too. But outside of a few less familiar vendors like Octiga and Inforcer it’s hard to find many pure play, MSP-friendly SaaS security vendors.

Kaseya now owns one of them. The deal made sense for SaaS Alerts, according to CEO and co-founder Jim Lippie (pictured) for two reasons: distribution and resources. Distribution as in the 40,000 MSPs in Kaseya’s CRM system and its 1,000-plus account managers.

“Just to put that in perspective, I’ve got 10 people in my go-to-market team,” Lippie says. “It would take a long time for SaaS Alerts to be able to reach that many MSPs in a meaningful way.”

As for resources, Lippie will soon be in the market for five new developers. That’s a small number in absolute terms but a big one in relation to the 20 he has on staff at present. Integrating with SaaS applications will be one of the enlarged team’s top priorities.

“This time last year, we had maybe 10 applications that we were monitoring. Now we’re up to like 25,” Lippie says. “By this time next year, we should be double that, maybe closing in on 100.”

Lippie’s coders have been hard at work on integrations with Kaseya solutions since even before this week’s news broke. SaaS Alerts imports endpoint telemetry from Kaseya’s EDR solution now and will collect data from the Graphus email security app soon too. Graphus, in turn, will soon tap into the SaaS Alerts platform’s DLP functionality. Something even bigger involving Kaseya’s RocketCyber MDR service that Lippie will only discuss obliquely for now is in the works as well.

“You can connect the dots on your own, because I can’t specifically say, but if you understand what RocketCyber does and you understand what SaaS Alerts does and you’re able to harness the power of both, you basically land on a threat engine that can serve up really anything, any threat vector, back to the MSP. So XDR, SIEM, all of those types of offerings come into play,” Lippie says.

MSPs who use SaaS Alerts stand-alone now or decide to do so in the future rather than subscribe to Kaseya 365 User will benefit from this week’s news as well, Lippie says, because the list price on new SaaS Alerts subscriptions will soon drop by 10% and there will be no price increases for existing subscribers at their next renewal date.

Lippie’s boss Voccola, however, has made it clear to Channelholic readers just within the last few weeks that he doubts there will be much demand among MSPs or their clients for stand-alone security solutions in the long term. Lippie suspects he’s right, and shares Voccola’s assessment of what that means for stand-alone security vendors.

“If you’re an enterprise company that does EDR and you just sell to the enterprise and you have that go-to-market motion down, you could probably be viable,” Lippie says. The MSP market is a different matter.

“If you’re an MSP that wants to get to 20, 25, 30, 35% margins, you can’t do it with just a grouping of best of breed products that don’t integrate well enough to create efficiency,” Lippie argues. “It’s virtually impossible.”

Kaseya’s SASE goes Wi-Fi

One of the more interesting topics I got into with Voccola at last year’s DattoCon, somewhat unexpectedly, was networking. Datto was in that business when Kaseya acquired the company two years ago, but was working hard to get out. Voccola not only halted that process after the deal closed but poured millions of dollars into an effort to conquer what he called a “monster market” for SMB networking that the Ciscos and HPEs of the world are too big to bother with in a meaningful way.

Marcus Ward (pictured), who was running networking for Datto when Kaseya bought the company, has been spearheading that campaign ever since. His primary strategy should be both predictable and familiar by now.

“At the end of the day, networking hardware is highly commoditized,” Ward says. “The differentiation we have is with integrations.”

Those integrations, which have been rolling out over the course of the last year, connect the access points, switches, managed power appliances, and other products in Kaseya’s networking line with the company’s management, documentation, and security solutions in ways that allow technicians to open a port or recycle a power outlet from inside their RMM, for example, and allow networking products to open tickets automatically when they encounter a security issue.

And then there’s SafeCheck, a built-in component of Datto’s SecureEdge SASE solution that automatically draws on access policies, endpoint status information, and other data in Kaseya applications to ensure that only secure devices can establish remote connections. Beginning next month, Ward announced at DattoCon this week, that same technology will support traditional Wi-Fi connections too, offering MSPs with limited know-how an easier approach to network access control than building a RADIUS server.

“With literally one toggle, you’ll be able to say only managed endpoints can connect to this wireless network,” Ward says.

The new feature’s part of a larger push into SASE by multiple vendors, including SonicWall, in response to changed network requirements in the age of hybrid work and mobile computing.

“10 years ago, the world was very self-contained,” Ward says. “Your applications, your data, your workloads were in the office behind a firewall.” Today, users are anywhere and everywhere, and most of what they access is in the cloud.

“Nobody cares what the network infrastructure is,” Ward notes. “Employees just want to get on their application.” SASE is purpose-built for just such a use case, which is why Sanders expects it to be a major growth driver.  

“I can certainly see a world where in three or four years you can’t use applications if you’re part of a company without having SASE infrastructure in place to make sure that you are who they think you are before you even try to log in,” he says. “It takes away a huge, huge attack plane.”

Not to mention a lot of complexity, which is a big part of what Ward likes about SASE, or really anything that takes the pain out of networking for MSPs with limited time, limited skills, and better things to worry about.

“Networking is a necessary evil,” Ward says. “We want to make it simple.”

Share Channelholic

An update on Secure By Design

Hat tip to Channelholic fav Dave Sobel of the Business of Tech podcast for directing my attention to an announcement this week that over 230 vendors have signed on to CISA’s Secure By Design initiative since its launch during the RSA conference in May. I’ve been tracking some of those signups here (like when Barracuda, ConnectWise, N-able, and Veeam each took the pledge, for example) but wasn’t aware that the overall volume of signatories had grown so large.

This is something to celebrate, of course, but only to a point. The seven security best practices identified in Secure By Design are bare minimums that everyone should have been doing all along, as Huntress CEO Kyle Hanslovan—one of the first Secure By Design signatories—told me when the program debuted. The software industry as a whole should embrace much higher standards.

Speaking of Secure By Design, and as long as my hat’s off for tipping, here’s a belated nod to Sophos CEO Joe Levy for alerting me during a recent interview to a second CISA initiative called Secure By Demand launched in August. Secure By Design is how CISA hopes to increase the supply of secure software.  

“Now they’re looking at the demand side of it and they’re saying, ‘if you are buying software, any kind of software, your procurement office should be asking certain questions,” Levy notes. The idea is to pressure vendors into doing more of the right things more often.

The two programs together, Levy adds, are a welcome one-two punch. “If we can actually begin to reduce the likelihood of these sort of unforgivable vulnerabilities then we begin to work on curing the problem and not just treating the problem, and as somebody who’s done cybersecurity for my entire life, that’s music to my ears.”

Also worth noting

N-able has added a new backup immutability feature to its Cove data protection platform. I’ll learn more next week during an interview with the vendor’s Chris Groot.

A new integration between Pia’s hyperautomation platform and TimeZest’s tech scheduling system is designed to streamline the process of booking technician-client meetings.

The new Cisco 360 Partner Program is designed to do exactly what Canalys says every vendor should be doing: reward members for value added beyond the point of sale.

Acronym alert: one of several new joint ventures by Cisco and Lenovo is an MRaaS (as in Meeting Room as a Service) solution.

They lean toward the enterprise, but Cisco’s new plug-and-play AI solutions are exactly the kind of repeatable AI offerings partners are looking for right now.

HP’s new Amplify AI program aims to help partners drive adoption and sales of AI PCs and more.

Speaking of partner programs, the new one at Blackpoint Cyber is actually kind of the vendor’s first, for reasons shared by CEO Jon Murchison that I’ll discuss in a future post.

A case management upgrade from Malwarebytes lets partners access MDR and managed threat hunting cases directly within the vendor’s Nebula and OneView platforms.

The newest offering from Fortinet, FortiDLP, combines data loss prevention with insider risk management.

New AI-powered functionality from TeamViewer automatically summarizes remote support sessions and provides analytics on them, to boost technician productivity.

You are backing up Salesforce data, right? If not, there’s a new version of Veeam’s Backup for Salesforce solution on the Salesforce AppExchange.

Yet more evidence that I’m not the only one who sees promise in data security posture management: Proofpoint has acquired DSPM vendor Normalyze.

NinjaOne has formed a CxO advisory board.

Blancco’s new Autopilot Detection feature shows companies with devices to dispose of which ones should be deregistered from unified endpoint management services first.