10 Cybersecurity Companies Making Moves: March 2023

We’re taking a look at some of the cybersecurity companies that launched new products and partner programs, announced acquisitions or made key executive hires in March.

Hot Market, Big Moves

While a few more cybersecurity companies announced layoffs last month amid continued macroeconomic wobbles, including Zscaler, many more security vendors had other types of news to announce in March.

In particular, the pace of cybersecurity product launches seemed to accelerate during the month, as at least 20 companies we follow released major product announcements. That appeared to be an uptick from the prior two months of 2023, based on our tracking of hundreds of product vendors in the cybersecurity industry. Other cybersecurity moves during the month included announcements of notable acquisitions, the launches of new channel partner programs and important executive hires.

[Related: Check Point CEO Gil Shwed On ‘Prevention-First’ XDR And Security Vendor ‘Overload’]

In March, some of the biggest moves by cybersecurity companies included a cloud security acquisition by Cisco, while Okta was among the cybersecurity companies that unveiled details on a new channel partner program and Check Point was among the vendors to disclose a key executive hire.

Additionally in March, Microsoft announced a new security product that uses OpenAI’s GPT-4 technology and Palo Alto Networks unveiled significant AI-powered updates to its secure access service edge (SASE) platform.

What follows are the details on 10 cybersecurity companies that announced major moves in March 2023.

Wiz Launches First Partner Program

Cloud security startup Wiz announced its first formal partner program in a bid to help accelerate the company’s sales through the channel, after achieving the highest valuation of any venture-backed cybersecurity company at $10 billion in February. The Wiz Partner Program aims to build on already rapid growth that the company has been seeing during its less than three years of existence, the company told CRN.

About 75 percent of Wiz’s deals involve a value-added reseller (VAR) partner, and the company is aiming to increase that percentage going forward, said Colin Jones (pictured), chief revenue officer at Wiz. Major VAR partners of Wiz include Trace3, Optiv, Presidio, World Wide Technology and GuidePoint Security.

The Wiz Partner Program offers three tiers for partners — Registered, Focus and Premier — and includes expanded discounts and benefits based on achievement of revenue goals. Other key components of the new program include deal registration and access to sales, training and marketing materials through the Wiz partner portal.

On account of its growth surge, Wiz announced in late February that it was able to raise $300 million in new funding at a valuation of $10 billion.

HPE Announces Agreement To Acquire Axis Security

One of the biggest cybersecurity moves in March was the announcement by Hewlett Packard Enterprise that it’s reached an agreement to acquire Axis Security to bolster its secure access service edge (SASE) platform. Combining the Axis offering in security service edge (SSE) with the HPE Aruba networking platform — including SD-WAN from the acquisition of Silver Peak — will ultimately give HPE “the most comprehensive” offering in SASE, HPE CEO Antonio Neri (pictured) told CRN.

“All of this will be fully integrated into our HPE GreenLake platform, which will be offered as a subscription service,” Neri said. “Therefore, our partners will be able to sell all these solutions to drive a SASE model with recurring revenue, while also selling the underlying connectivity that comes with it.”

The Axis Security acquisition is expected to close in HPE’s second fiscal quarter, ending April 30. Terms of the deal were not disclosed.

Cisco Announces Deal To Acquire Lightspin

In another big cybersecurity acquisition during the month, Cisco Systems announced plans to acquire cloud security vendor Lightspin, as the networking giant carries out its mission to unify its security portfolio.

Privately held Lightspin specializes in end-to-end cloud security posture management (CSPM) across cloud-native resources. Cisco and Lightspin together will be able to meet their shared goal of helping customers modernize their cloud environments with end-to-end security and observability, from build to runtime, Vijoy Pandey, Cisco’s senior vice president of engineering for emerging technologies and incubation, said in a blog post.

Financial terms of the deal were not disclosed. The deal marks the second security-related acquisition this year so far for Cisco, following the company’s disclosure in February that it plans to acquire Valtix, a privately held cloud network security startup.

Optiv Acquires ClearShark To Expand Federal Business

One of the major security players in the channel announced an acquisition last month, as well. Optiv kicked off a major expansion in the federal government space with the acquisition of solution provider ClearShark, which more than doubles the size of the company’s federal business and provides a foundation for strong growth in the market, CEO Kevin Lynch (pictured) said.

It’s the first acquisition for Optiv since Lynch joined the cybersecurity powerhouse as CEO in April 2020. And looking ahead, “I do expect that there will be more” acquisitions for Optiv following ClearShark, Lynch said in an interview with CRN.

Terms of the acquisition of Hanover, Md.-based ClearShark were not disclosed. The deal has added about 125 employees to Optiv’s existing headcount of more than 2,500.

Crucially, the combination of the two companies “sets the foundation for us to really bring a public sector focus on an even larger scale,” Lynch said. “We see ClearShark as the cornerstone of our public sector business going forward.”

Palo Alto Networks Announces SASE Update

In March, Palo Alto Networks announced a forthcoming set of new features for its fast-growing secure access service edge platform, Prisma SASE, focused around AI and automation. The capabilities include AIOps that is natively integrated in order to bring greater automation to IT operations. The addition of AIOps — which uses AI-driven detection as well as predictive analytics — offers benefits such as proactive remediation of issues that could cause a service outage, according to the company. With proactive monitoring and diagnosing problems, Prisma SASE can now provide automated troubleshooting that reduces administrative overhead, said Kumar Ramachandran, senior vice president for SASE products at Palo Alto Networks.

“This is a huge release for us,” Ramachandran (pictured) told CRN in an interview. “Not only are we making massive advances in AI and ML, we’re also making the product more rapidly adoptable by customers.”

Other updates include several enhancements to SD-WAN, including improved visibility through the Prisma SD-WAN Command Center; integrated IoT security; and an on-premises controller for Prisma SD-WAN. With many buildings now having thousands of connected devices — from card readers to a variety of sensors — there’s a need to be able to automatically identify and classify the devices for security purposes, Ramachandran said. Prisma SASE can now do this while also making recommendations on how best to isolate devices in the event of a problem, he said. To do so, he said, “requires integration between SD-WAN and the security service, in our case Prisma Access. Being able to use ML in automatically classifying these devices is just very powerful. Otherwise, there’s such a large plethora of devices, administrators cannot manually identify and classify them.”

Microsoft Unveils Security Copilot

Microsoft unveiled a new product for cybersecurity professionals, Security Copilot, that uses generative AI from GPT-4 — the latest version of the OpenAI large language model that is available in applications such as the massively popular ChatGPT chatbot.

Microsoft Security Copilot tailors the generative AI technology toward cybersecurity by combining GPT-4 with Microsoft’s own security-focused AI model.

Microsoft Security Copilot will feature a prompt-based user interface akin to generative AI chatbots such as ChatGPT. When a cybersecurity professional gives a prompt to the application, the response will leverage Microsoft’s security-focused AI model “to deploy skills and queries” that are relevant to the prompt, wrote Vasu Jakkal (pictured), corporate vice president for security, compliance, identity and management at Microsoft, in a blog post.

“This is unique to a security use-case,” Jakkal wrote. “Our cyber-trained model adds a learning system to create and tune new skills. Security Copilot then can help catch what other approaches might miss and augment an analyst’s work. In a typical incident, this boost translates into gains in the quality of detection, speed of response and ability to strengthen security posture.”

Sophos Debuts New Endpoint Capabilities

Since transitioning its managed threat response offering to a managed detection and response (MDR) service at the end of November, Sophos has seen strong demand that’s not expected to be slowing down anytime soon, Sophos CTO Joe Levy (pictured) told CRN. The cybersecurity giant disclosed a suite of new endpoint security capabilities in March that will help feed into the MDR service — as well as the underlying extended detection and response (XDR) platform that helps to power the MDR.

The updates include new account health check capabilities, through which Sophos can inform endpoint customers “if something bad has happened to their configuration, whether it was intentional or accidental,” Levy said. “We just notify them very clearly [and] we give them the information necessary to be able to remediate it.”

Another new capability is “adaptive active adversary protection.” The feature puts Sophos’ endpoint security product into what the company calls “breach mode” when it appears that a customer is under attack, Levy said. The product can then prevent an executable from running, for instance, or can prohibit a connection to a particular endpoint. The capability ultimately offers the ability to disrupt attacks that are in progress and “buy more time for responders,” Levy said.

Check Point Hires New Channel Chief

Check Point Software Technologies announced the hire of Francisco Criado (pictured), a longtime IT distribution executive who was most recently a senior vice president at TD Synnex, as its new global channel chief.

In an interview with CRN, Criado said he was inspired to come to Check Point by the cybersecurity giant’s “100 percent channel” commitment and the massive opportunity it has around cloud security, secure access service edge (SASE) and other key areas beyond its traditional network security business.

Criado, whose title at Check Point is vice president of worldwide partner ecosystem, had previously focused on cybersecurity in roles that included serving as vice president of global security solutions for Tech Data. Most recently, he had been senior vice president of cloud, data and IoT at TD Synnex (the company created through the 2021 merger of Synnex and Tech Data).

In all, Criado has spent nearly two decades in the channel, largely in distribution, which he said has given him “a good sense of what’s meaningful and what’s valued by both partners and distribution.”

Okta Revamps Partner Program

Okta announced it has overhauled its channel program to recognize and incentivize partners for contributing value in numerous ways beyond just transactional revenue, as the identity powerhouse looks to modernize its program with a broader set of potential “influencers” in mind, Okta Channel Chief Bill Hustad (pictured) told CRN.

The new Okta Elevate partner program features four tiers for partners and “new incentives at every level,” said Hustad, senior vice president of global partners and alliances at Okta.

The redesigned program aims to expand Okta’s channel efforts by accounting for partners such as managed service providers, service delivery partners and integration partners in a bigger way than in the past, he said.

With the program’s four tiers — starting with the entry-level Activate tier and continuing upward to Amplify, Ascend and Apex — “now you can move up in that model in many different ways,” Hustad said. “It’s not just, what revenue are you providing Okta? It’s now, what value are you creating to the customer?”

Along with redesigned tiers and incentives, Okta is also announcing three new specializations that partners can achieve — in Workforce Identity Cloud, Customer Identity Cloud and Workflows — to demonstrate their expertise in the areas. Okta is also launching a second way for partners to show their focus areas with the company’s products, with the debut of a new badging model. Partners will be able to earn badges for Managed Service Providers, Tech Champions or Public Sector Experts.

Lacework Launches MSP Program

Lacework announced a new program tailored to the needs of managed service providers as the cloud security vendor seeks to accelerate its deployments with MSPs and MSSPs, while also unveiling new benefits for partners in its broader channel program. The Lacework MSP Program, a subset of the company’s overall partner program, recognizes that “we can’t just pigeonhole that particular route to market and that partner ecosystem into a reseller program,” said Brian Lanigan (pictured), vice president of worldwide channel and alliances at Lacework.

The program also takes into account the fact that for many MSPs and MSSPs, “they actually go to market in the channel,” he said. “So they might deliver a managed service, and yet they might execute with a GuidePoint or an Optiv or somebody else, in terms of the transaction.” In those types of scenarios, Lacework will now credit both entities — the MSP/MSSP and the transactional partner — for the respective value that they create, according to Lanigan.

Other updates to the Lacework Partner Program include the launch of a cloud security assessments offering to partners. The offering consists of complimentary access to Lacework experts for one week, during which time the experts will perform “a bespoke assessment of the cloud security posture for the customer,” Lanigan said.