ConnectWise Plans To Acquire Perch Security In $80M Deal, Sources Say

Perch Security, which was founded in Tampa, Fla., in 2017, received $9 million in Series A funding from ConnectWise in October 2018. The investment also came with a seat on Perch Security’s board of directors for Arnie Bellini, the ConnectWise CEO at the time.


After another year spent suffering bruising attacks on its MSP customers—and their clients—ConnectWise hopes to announce next week that it has acquired Perch Security, a cybersecurity company with an in-house Security Operations Center, for $80 million, sources with knowledge of the deal said.

Perch Security is based in Tampa, Fla., and has partnered with ConnectWise for a number of years, offering its brand of co-managed threat detection to customers for an added fee.

ConnectWise is expected to tell partners about the deal on the main stage during the company’s opening remarks at IT Nation Tuesday. The two companies have been close since October 2018, when ConnectWise invested $9 million in Perch Security. The investment also came with a seat on Perch Security’s board of directors for Arnie Bellini, ConnectWise CEO at the time.

Sponsored post

Whether ConnectWise will create a new product or offering around the acquisition, or whether it will offer the company’s network intrusion detection software for all ConnectWise customers, is not yet known.

ConnectWise CEO Jason Magee referred questions to a spokesperson. Perch Security CEO Aharon Chernin did not reply to a message asking for comment.

ConnectWise partners said they hope the company returns to its roots of creating “world-class PSA” (professional services automation) tools rather than selling software.

“I still think ConnectWise should quit trying to be distribution and focus on creating world-class PSA, RMM and quoting tools,” one longtime ConnectWise partner, who asked for anonymity, told CRN. “Ultimately, I think they are losing the quoting tool battle handily and they are going to lose the other two as well if they don’t begin to focus.”

Another partner, who also asked for anonymity, said the move is similar to the one ConnectWise made when it acquired LabTech. That acquisition later became ConnectWise Automate.

“They seem to make that a pattern,” the partner said. “They invest, sit tight for a few years, then integrate. ConnectWise is having too many operational issues to run that type of business well. They’re great at writing software. They can’t keep it together on sales and support. Running a services team is their biggest weakness and that’s what Perch [Security], because of the SOC, really is.”

Last year, ConnectWise unveiled a mega-deal at IT Nation: its private equity owner, Thoma Bravo, had merged it with rival Continuum. That deal came with Continuum’s own robust security practice, which included three SOC locations around the globe.

However in June, ConnectWise said that the company’s ConnectWise Automate product had been used by bad actors to ransom MSPs. The company later acknowledged MSP customers were also hit. Perch Security wrote about the incidents in July, saying ConnectWise allowed MSPs to be “buffalo-jumped.”

“We defined a buffalo jump as an incident where an MSP is compromised for access to multiple customers,” a Perch Security researcher wrote in a blog posted to the company’s site. “A buffalo jump ends with most of your customers being ransomed. You could consider a buffalo jump as a supply chain attack, but at scale.”

[RELATED: ConnectWise CEO Says ‘We Definitely Failed’ In Communication To Partners And Workers, But Vows ‘Doubling Down’ To Right The Ship]

In its July blog, Perch Security said it wanted to create a product that could monitor ConnectWise Automate to detect intrusions that lead to ransomware.

“Wouldn’t it be great if you could easily monitor ConnectWise Automate for threats? The Perch community sure thought so. So, we asked the birds in the lab to look into it and rustle something up, and now it’s here,” the post read. “This new product comes right off the heels of a CW Automate vulnerability (CVE-2020-14159) that led to some Managed Service Providers (MSPs) getting buffalo-jumped.”