Opaq Networks has acquired FourV Systems to automate and streamline the assessment of clients' security architecture and position around regulatory compliance.
The Herndon, Va.-based security startup was impressed by Baltimore-based FourV's ability to deliver reporting and continuous risk management data to customers, according to Chief Strategy Officer Ken Ammon. Up until now, Ammon said MSSPs had had a difficult time documenting the value they provide to the end user by monitoring their systems.
"It made sense on a bunch of levels for us to pull this together," Ammon told CRN exclusively. "It's a strategic component of what we're doing."
— CRN (@CRN) March 5, 2018
The acquisition closed March 16, Ammon said, with all 18 of FourV's employees joining Opaq. Companies with less than 250 employees can typically take advantage of Opaq and FourV's combined core response and risk capabilities for less than $500 per month, according to Ammon.
Having analysts write reports themselves about the threats they've helped thwart would be costly and lacks scale, Ammon said. But FourV's GreySpark technology makes it possible to capture that same information in an automated fashion, Ammon said, meaning that customers can now enjoy everything from an assessment snapshot to continuous risk monitoring and enforcement from a single platform.
FourV's technology will allow MSSPs to gather a complete snapshot of what's happening on the end user's system and match it up against a risk framework or compliance requirements such as PCI or NSS, according to Ammon. With these new capabilities, MSSPs can conduct a full, audit-ready assessment of the necessary protections with little to no legwork required.
By applying automation and machine learning to the reporting process, Ammon said Opaq will give analysts employed by MSSPs time back in their day to hunt for bad things and respond to events.
Opaq Networks and FourV Systems worked through organizational integration and high-level road mapping prior to the deal's close, Ammon said. The company expects to be out with a combined, fully-integrated offering within the next two months, according to Ammon.
Opaq is not looking to create a portfolio of separate or distinct cloud-based products, Ammon said. As a result, he said FourV's technology would be fully integrated into Opaq's platform to provide a single pane of glass experience that's agile and easy to navigate.
FourV's go-to-market motion is a very strong match for Opaq, Ammon said, with both companies initially starting off selling to the enterprise but eventually retooling their business to go after SMB and mid-market using MSPs and MSSPs. Although the two companies have a handful of overlapping partner relationships, Ammon said major green fields exist since both companies are fairly new to the channel.
The FourV name will be retired, Ammon said, but the company is considering retaining the GreySpark moniker since it refers to the underlying and patented technology.
Having both security and analytics in the basic service will make Opaq's offering more appealing to customers, said Tom Turkot, vice president of client solutions for Buffalo Grove, Ill.-based Arlington Computer Products. The new capabilities from FourV will make it possible for customers to eliminate several licenses focused on analytics, Turkot said, ultimately lowering their total cost of ownership.
The acquisition should make Opaq's offering more appealing to clients in industries that are highly compliance-oriented such as health care, education, and financial services, Turkot said. Specifically, he said the new capabilities should provide more insight as to who is trying to access what applications.
"Now you can actually start understanding your security infrastructure even better," Turkot said.