IoT Security Firm ReFirm Labs Seeks MSSPs, VARs For New Partner Program

One MSSP says ReFirm Labs' ability to automatically analyze the security of device firmware could help address foreign policy issues in the U.S., such as concerns that devices made abroad could be compromised: 'This could be a really good story. This kind of technology could solve that.'


Internet of Things security startup ReFirm Labs is turning to the channel for its new platform that helps businesses monitor and validate the firmware security of connected devices.

The Fulton, Maryland-based company announced on Thursday the launch of its global certified partner program for its Centrifuge Platform, saying that it can give managed security service providers, value-added resellers and systems integrators a new way to make profits and differentiate themselves in the security service provider market.

Founded by former NSA employees Peter Eacmen III and Terry Dunlap, ReFirm Labs started as a services company that provided offensive cyber capabilities to the U.S. Special Operations Command and intelligence agencies at foreign governments. After being approached by a group of investors, the company decided to commercialize its firmware extraction capabilities and raised a $1.5 million seed round in 2017 to develop Centrifuge.


Robbie Robbins, vice president of sales and business development at ReFirm Labs, said the company's Centrifuge Platform provides "automated firmware decomposition and analysis at scale," eliminating the time-consuming manual work of extracting and analyzing firmware from devices to identify vulnerabilities that are increasingly leaving businesses open to attacks.

Centrifuge works like this: first, it extracts the file systems from the compiled binary image of a device's firmware (no source code needed). It then builds a bill of materials that compiles all of the firmware's open-source software components and cross-references them with Common Vulnerabilities and Exposures (CVE) databases to identify potential security holes, such as backdoor accounts, exploitable code and malware.
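The same three steps can be sketched in a few dozen lines of Python. This is an added illustration, not ReFirm Labs' code and not a description of how Centrifuge is implemented; it starts from an already extracted file system, and the sample files, banner patterns, version thresholds and placeholder advisory IDs are all constructed.

```python
import re
import tempfile
from pathlib import Path

# Assumed version-banner patterns; real firmware needs a far larger signature set.
BANNERS = {"busybox": re.compile(rb"BusyBox v(\d+(?:\.\d+)+)"),
           "dropbear": re.compile(rb"dropbear_(\d+\.\d+)")}
# Constructed advisory table (thresholds and ids are placeholders, not real CVE data).
ADVISORIES = {"busybox": ((1, 30, 0), "CVE-PLACEHOLDER-0001"),
              "dropbear": ((2016, 74), "CVE-PLACEHOLDER-0002")}
SAMPLE_FILES = {  # constructed contents of an already-extracted firmware image
    "bin/busybox": b"\x7fELF\x00BusyBox v1.20.2 (built)\x00",
    "sbin/dropbear": b"\x00SSH-2.0-dropbear_2019.78\x00",
    "etc/passwd": b"root:x:0:0:root:/root:/bin/sh\nsupport::0:0::/:/bin/sh\n"}

def build_bom(rootfs):
    """Map component -> version from banners found in extracted regular files."""
    bom = {}
    files = (p for p in sorted(Path(rootfs).rglob("*")) if p.is_file() and not p.is_symlink())
    for data in (p.read_bytes() for p in files):
        for name, pattern in BANNERS.items():
            match = pattern.search(data)
            if match:
                bom[name] = match.group(1).decode()
    return bom

def match_advisories(bom):
    """Return (component, version, advisory id) where version is below the fix."""
    return [(n, v, ADVISORIES[n][1]) for n, v in sorted(bom.items())
            if n in ADVISORIES and tuple(map(int, v.split("."))) < ADVISORIES[n][0]]

def suspicious_accounts(rootfs):
    """Flag non-root UID 0 accounts and empty password fields in etc/passwd."""
    findings = []
    passwd = Path(rootfs, "etc", "passwd")
    text = passwd.read_text() if passwd.is_file() else ""
    for user, pw, uid in (l.split(":")[:3] for l in text.splitlines() if l.count(":") >= 6):
        if uid == "0" and user != "root":
            findings.append((user, "uid 0"))
        if pw == "":
            findings.append((user, "empty password"))
    return findings

def sample_rootfs():
    root = Path(tempfile.mkdtemp())  # constructed sample tree, written to a temp dir
    for rel, data in SAMPLE_FILES.items():
        (root / rel).parent.mkdir(parents=True, exist_ok=True)
        (root / rel).write_bytes(data)
    return root
```

Running the three functions on `sample_rootfs()` lists both components in the bill of materials, reports only the older BusyBox build against the constructed advisory table, and flags the `support` account twice.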

Robbins said the result is an actionable report that can be fed back into firmware development, which is especially useful for device manufacturers or companies that need to vet the security of devices from said manufacturers.

"They use us as a third-party audit against the security posture of the firmware," he said.

With the company's new partner program, ReFirm Labs is looking for MSSPs, VARs and SIs who want to expand their existing security practices. Depending on the partner type, there are different kinds of opportunities with Centrifuge, according to Robbins.

For MSSPs and VARs, the main focus is on Centrifuge's continuous monitoring capability, which provides alerts whenever new vulnerabilities are detected. Robbins said these kinds of partners can host Centrifuge in a multi-tenant environment that serves multiple customers as part of a recurring revenue model. SIs can use Centrifuge to "operationalize" the threat intelligence the platform provides into a company's development, security and operations.

Depending on various factors, like tier level, sales activity and deal registration, partners can expect profit margins ranging from 15-40 percent, Robbins said.

The partner program is broken up into bronze, silver and gold tiers based on sales volume. All tiers of partners will have access to a business development representative for support or technical requests while gold and silver partners will have access to joint demand generation campaigns, such as co-branded collateral.

Gold and silver partners will also have access to periodic sales and technical training, as well as the opportunity to earn renewal revenue with the sale of every Centrifuge subscription. On top of that, gold partners will receive qualified leads based on geography, along with the ability to work on custom sales incentive programs.

Robbins said ReFirm Labs expects 50 percent of its annual revenue to come from partners this year, with that target increasing to 80 percent in 2020 and then 100 percent the year after. The company has six signed partners now, with two more under contract.

"My goal is to build an ecosystem of partners in key verticals and key geographies to meet our revenue expectations," he said.

Mark Jones, CEO of Austin-based MSSP Black Lake Security, said he is intrigued by ReFirm Labs' approach to IoT security and could imagine how Centrifuge could augment his company's current IoT security practice, which is built around ForeScout's capabilities.

"I think this is something that is going to continue to cause havoc," he said. "If you look at certain attack vectors these nation-state guys are absolutely coming after this kind of protocol."

Jones said his company is already doing firmware analysis for a couple of clients to detect vulnerabilities, but it's being done manually — looking into the source code and running scans — so ReFirm Labs' Centrifuge platform could save his company a lot of time.

"Right now, a lot of this is done with the command line," he said.

With the Trump administration pushing against technology companies in countries that are considered foreign adversaries, such as Huawei in China, Jones said ReFirm Labs could help answer important questions about the security of devices made abroad.

"This could be a really good story," he said. "This kind of technology could solve that."