**Editor’s Note: “7 Minutes” is a feature where we ask channel executives from startups – or companies that may be new to the Channel Partners audience – a series of quick questions about their businesses and channel programs.**
Secdo plays in the endpoint detection and response (EDR) space, which Gartner says has growth potential — though how much depends on your customer base. While all companies need mobility management, Gartner says that by 2020, 80 percent of large enterprises, 25 percent of midsize organizations and 10 percent of small businesses will have invested in specialized endpoint protection. Endpoint protection is also a crowded arena that includes specialists like Carbon Black, CounterTack, FireEye, Guidance Software and Tanium, as well as big security software providers such as McAfee, Sophos, Symantec and Trend Micro.
Typically, says Secdo, endpoint threat detection is based on indicators of compromise (IoCs). Classic examples are unusual read activity in a database or suspicious changes to a registry. Secdo’s twist is that it adds what it calls a behavioral-based modifier to IoCs; that is, a sign that an application or endpoint OS is acting in an unusual manner, like randomly creating an .exe file. With version 5 of its response platform, released in October, customers or an MSP can automatically block potentially malicious activities, choose from a number of automated responses and freeze a suspect endpoint.
Secdo’s VP of alliances Zion Zatlavi took some time to answer our Q&A.
Channel Partners: Tell us what customers love about your product or service. What’s the secret selling sauce?
Zion Zatlavi: Customers fall in love with the visibility and advanced response features Secdo delivers. They are blown away when they see all the information they get on their endpoints, information that helps them make better, more effective decisions in the areas of security and IT. We almost always hear from customers that before using Secdo, their endpoints were a huge blind spot for them. Once Secdo is deployed, they are amazed at what they can see and do.
With Secdo, customers get immediate access to all endpoint data. The software also includes the ability to proactively hunt for and surgically respond to threats, on a single machine or across the entire network, from a centralized, easy-to-use console. The advanced capabilities of Secdo’s automated endpoint security and incident response platform give organizations unprecedented endpoint visibility and precise control over responses, so they can quickly and efficiently shut down attacks.
In addition, customers appreciate that they can tailor the platform to meet their needs. From the start, Secdo engineers understood that one size doesn’t fit all. The company knew that threat detection varies greatly from one organization to another, so the platform was built to support customization. For example, customers can configure and tune rules, including PowerShell, indicators of compromise (IOCs) and behavior-based IOCs (BIOC) rules, to optimize the ongoing detection and prevention of attacks. This makes it easy for customers to hunt for threats in their unique environments, to maximize the value they get from …