Cybersecurity Companies To Know In 2023: Channel Moves In Q1

We’re taking a look at the channel-focused security vendors that have unveiled major partner program updates in the first quarter of 2023, including Palo Alto Networks and Trellix.

Growing Opportunities For Partnering

While it may not grab as much attention as the torrent of industry layoffs or the latest news on AI chatbots, 2023 has already seen a steady stream of channel program announcements by tech vendors looking to do more with partners. That includes in the cybersecurity industry, where a number of vendors, large and small, are doubling down on their investments in the channel.

[Related: 10 Hot XDR Security Companies You Should Watch In 2023]

Executives from these cybersecurity companies told CRN that it’s a great time to make these investments because the opportunities around security only continue to grow, even in spite of the current economic upheaval. Intensifying cyber threats such as data theft and ransomware, along with increasing regulations and cyber insurance requirements, are just a few of the factors that experts predict strong demand for cybersecurity products and services to continue, regardless of the economic environment.

Security vendors that have unveiled major channel partner program updates in Q1 of 2023 include Palo Alto Networks, Skyhigh Security, Trellix and Proofpoint.

What follows are the details on some of the channel-focused cybersecurity companies that have unveiled major partner program updates in the first quarter of 2023. CRN will update this list on an ongoing basis.

Palo Alto Networks

Starting off the new year, Palo Alto Networks announced more details in early January about current and forthcoming updates to its NextWave Program. In an interview with CRN, Palo Alto Networks Channel Chief Tom Evans said that “the biggest change is that we looked at our partner ecosystem and realized that not all partners are the same. And to try to fit them into areas that they necessarily didn’t fit — while it worked, and certainly we were able to transact business — it didn’t completely drive the right behavior at the partners.”

“And so what we’re changing is really creating all of the different ‘paths,’ so that each of our partners — no matter what path they want to come into, or even multiple paths — have a framework within the program that drives them,” said Evans, who is vice president of worldwide channel sales at Palo Alto Networks.

The program includes five distinct “paths” for partners depending on whether they’re predominantly a solution provider (focused on offering specialized expertise in products and services); an MSSP; a services partner (for consulting, professional or risk liability services); a distributor; or a cloud service provider (focused on marketplace transactions).

Palo Alto Networks is also dramatically expanding its services specializations as well as adding new proficiencies, including professional services proficiencies and the vendor’s first managed services proficiency. The company said that more than 95 percent of its revenue is generated through partners.

Ultimately, all of the changes in the NextWave Program are aimed at making it easier and more rewarding for partners to sell more of the Palo Alto Networks product portfolio, beyond just the company’s widely deployed next-generation firewalls, Evans said. In addition to firewalls, the portfolio now includes Prisma SASE (secure access service edge) and Prisma Access for providing secure remote access to an organization’s applications and other resources; Prisma Cloud for securing applications and cloud environments; and Cortex for endpoint security, XDR and “autonomous” security operations.

“My advice to all of our firewall partners is, look at our entire portfolio and figure out the story you‘re telling to the customer. Don’t look at it as a product — look at it as [the story of] how you’re trying to make your customer secure. And then figure out which of our solutions fit in,” Evans told CRN. “And you’ll find that you don’t have to go out there and sell a bunch of solutions [from different vendors]. They can really just focus on Palo Alto [Networks] with multiple solutions.”


Ironscales, which offers a security solution for cloud-based email environments and collaboration platforms, in January announced the debut of a new channel partner program that will cover VARs, MSPs, SIs and distributors. The program, dubbed Ironscales At Scale, is a key step “as the company moves to a channel-first model,” Ironscales said in a news release.

Ironscales, which offers software for blocking phishing attacks in cloud email and collaboration applications, said it’s debuting a number of financial incentives including sales incentive rebates (or spiffs), complimentary software licenses, marketing funding and “guaranteed” margins.

Other benefits include deal registration, training, support for product demos and marketing support (such as co-branded assets), Ironscales said. The channel program includes three tiers for partners — Authorized, Gold and Platinum, the company said.


In January, Cyrebro, a provider of managed security operations center (SOC) services, announced the launch of its first channel program along with a new commitment to work with partners on 100 percent of its deals from now on. Cyrebro aims to provide enterprise-level security to small and medium-sized businesses with its managed SOC offering, said Nader Soudah (pictured), global channel vice president at Cyrebro.

The new channel program brings benefits including double-digit margins, market development funds (MDF) and deal registration, while also affording partners the opportunity to offer their own services around the Cyrebro offering, Soudah told CRN. The company had previously been working with channel partners on about half of the deals for its managed SOC service. But going forward, “every lead we now get actually gets passed to a partner,” he said.

One managed services provider that has already been working with Cyrebro is Kearns Technology Inc. (KTI), a 15-person MSP based in Toronto. The company has enjoyed strong customer traction by leveraging the findings gathered by Cyrebro’s SOC team as part of its managed services delivery, said KTI Founder and CTO Hector Kearns. Cyrebro “prioritizes and sorts everything in very actionable ways,” Kearns said.

Unlike with a typical managed detection and response (MDR) offering, Cyrebro’s managed SOC service largely leaves the response part of the process up to the partner, which eliminates any potential conflict with KTI’s own managed security services, he said.

Skyhigh Security

Skyhigh Security announced its first distinct partner program since the split of McAfee Enterprise last year, which is initially focused on reseller and distributor partners. The program unveiled on Feb. 6, the Skyhigh Security Altitude Partner Program, includes generous backend rebates, deal registration, a new partner portal and a commitment that 100 percent of business will transact through the channel, according to Scott Goree (pictured), vice president of worldwide channels at Skyhigh Security.

“There is no direct business. We have sellers that work directly with customers, but they are motivated to work with our partners — and by policy [Skyhigh is] 100-percent channel,” Goree told CRN. It’s the first partner program to launch under the Skyhigh Security name and the first that is distinct from what Skyhigh had in its prior iteration, as the security service edge (SSE) business of McAfee Enterprise, he said. “This is a big step in [us] forming our own path,” Goree said.

Following the merger of McAfee Enterprise and FireEye in 2021, the combined company was then split into two parts in 2022 — with the SSE division becoming Skyhigh Security. (The remainder of the company, including the endpoint security business, was renamed Trellix.)

Skyhigh’s Altitude program includes three tiers — registered, essential and advanced. The program offers a revamped training platform, available through the portal, for sales and technical training that partners can take free of charge to move up to a higher tier, Goree said. In terms of financial benefits, the new program offers double-digit backend rebates for advanced-tier partners and “slightly less” for essential-tier partners, according to Goree.

Looking ahead, Skyhigh’s plan is to expand the program later this year to include professional services partners and managed services partners (MSPs), Goree said. While the company already has relationships with MSPs and professional services partners, the company wants to design a “solid, bulletproof program” for those types of partners, he said.


On Feb. 8, Trellix unveiled its next big move in its bid to drive growth of its extended detection and response (XDR) platform, with the launch of its Trellix Xtend Global Channel Partner Program.

Since the split of McAfee Enterprise in 2022, Trellix has been seeking to build upon its strong presence in the endpoint security market to become a top player in XDR. One of the fastest-growing categories in cybersecurity today, XDR aims to provide enhanced security by correlating data from across in organizations environment’s and devices, and then prioritizing the most serious threats for a response.

Britt Norwood (pictured), senior vice president of global channels and commercial at Trellix, said in a news release that partners are at the “forefront” of the company’s growth strategy. Trellix ultimately is seeking to deepen its work with partners as it looks to “lead in the XDR market.” Nearly 90 percent of Trellix’s revenue is generated via the channel, Trellix CEO Bryan Palma told CRN in September.

The Xtend Global Channel Partner Program includes such as a partner portal with upgraded resources such as guides and sales playbooks; the Trellix University learning management platform; sales and technical resources; and a “turnkey” program for marketing support and demand generation, according to the company.


Proofpoint unveiled a new channel program in mid-February that aims to offer a simplified structure to partners along with enhanced incentives and training, as the company looks to work with more solution providers on areas beyond its widely used email security offering — including in areas such as information protection and compliance solutions. “When I talk to partners across the world, the first thing they say is, ‘Email protection — you’re the best,’” said Joe Sykora (pictured), senior vice president for global channel and partner sales at Proofpoint. “That’s great — but we do so much more.”

The new program, Proofpoint Element, switches to a two-tier structure from the prior metal-based program structure. The two tiers are “Core” for partners that can meet minimum program requirements, and “Elite” for partners that are willing to make a larger investment in training and meet higher revenue goals. Partners that qualify for the Elite tier will receive higher discounts and marketing funds as well as a dedicated channel account manager, Proofpoint said. Within the Elite tier, partners can also achieve two specializations — Information Protection and Security Awareness Training.

Other updates to the Proofpoint channel program include expanded and refreshed training through the company’s partner portal, as well as new opportunities for hands-on training through planned road show stops in U.S. cities. Additional benefits include dedicated marketing support, access to labs and support for partners that are looking to build managed services around Proofpoint’s offerings, Sykora said.


MixMode, a company focused on deploying self-learning AI to thwart previously unknown attacks, in mid-February announced the hiring of a cybersecurity industry veteran as its channel chief as it looks to expand efforts with partners. The company named Todd DeBell (pictured), who has been recognized numerous times on the CRN Channel Chiefs list, as its vice president of channel sales.

Most recently, DeBell had been vice president of Americas channels at ExtraHop, where he spent three years. Prior to that role, he was director of Americas alliances and channel sales at Zscaler. Earlier roles included channel leadership roles at Bugcrowd, Forescout and FireMon.

In a news release, MixMode described itself as a “channel-only company,” and said that DeBell will be tasked with “continuing to expand MixMode’s channel sales strategy.”

In March 2022, MixMode raised a $45 million Series B funding round led by growth equity investor PSG.

Salt Security

API security vendor Salt Security on Feb. 23 announced the debut of its new Essential Partner Certification Program, a free program that provides enhanced training and support to channel partners. The voluntary program includes both sales and technical training as well as support in those areas for any questions that partners might have. While Salt Security has previously provided training and support to partners, “it’s more of a formalized effort for us to make sure that we are proactively providing this [information] — so that it’s easier for them to articulate this back to their customers,” said Michael Nicosia (pictured), co-founder and COO at Salt Security.

The company generates 100 percent of its revenue from deals that involve channel partners, and has seen deal registrations surge by 400 percent over the past 12 months, year-over-year, Nicosia said.

API security has risen to become a major priority for organizations in recent years as more companies have deployed their own applications, and as attackers have increasingly begun targeting unsecured APIs. Salt Security stands out with its more than five years of experience in the space, during which time its AI has learned how to detect API vulnerabilities more proficiently than tools that’ve been around for a shorter time, Nicosia said. Other differentiators include its use of massive quantities of data, he said. “A lot of our competitors are on-prem, and you cannot physically you cannot look at the trillions of API calls in an on-prem, single VM solution,” Nicosia said. “If you can’t leverage big data, you cannot look at the amounts of API calls that we look into.”

Additionally, Salt Security’s ability to discover and prevent API attacks in runtime is crucial for protecting customers, he said. “We think securing your APIs in runtime is the most value for your money today — versus going into the ‘shift left’ side, the pre-production side, where a lot of our competitors are moving into.”

Sevco Security

Sevco Security, which offers a cloud-native platform for cybersecurity asset attack surface management (CAASM), announced March 1 that it has launched a new partner program for managed service providers and managed security service providers. The Sevco 5-Star Partner Program debuts with “more than 20” partners to start, and is aimed at making it easier for MSPs and MSSPs to utilize the company’s “real-time asset intelligence that helps customers identify and close previously unknown security gaps,” the company said in a news release. The program offers consumption-based pricing as well as dedicated support for partners, Sevco said.

Sevco has been launched and headed by executives who were formerly part of the founding teams at endpoint security pioneers Cylance and Carbon Black. The startup raised a $15 million Series A round of funding in mid-2021 led by Syn Ventures.


Cloud security startup Wiz announced its first formal partner program on March 1 in a bid to help accelerate the company’s sales through the channel, just days after achieving the highest valuation of any venture-backed cybersecurity company at $10 billion. The Wiz Partner Program aims to build on already rapid growth that the company has been seeing during its less than three years of existence, the company told CRN.

Founded in early 2020, Wiz quickly found huge traction for its product that brings together numerous cloud security capabilities while deploying quickly and offering greater prioritization of threats. In August 2022, Wiz disclosed that it had crossed $100 million in annual recurring revenue, achieving this key startup milestone in the shortest amount of time of any company to date at 18 months, according to the firm.

On account of its growth surge, Wiz announced in late February that it was able to raise $300 million in new funding at a valuation of $10 billion. That was up from its prior valuation of $6 billion, as of October 2021, and moved Wiz to the top spot on CB Insights’ ranking of cybersecurity unicorns.

About 75 percent of Wiz’s deals involve a value-added reseller (VAR) partner, and the company is aiming to increase that percentage going forward, said Colin Jones (pictured), chief revenue officer at Wiz. Major VAR partners of Wiz include Trace3, Optiv, Presidio, WWT and GuidePoint Security.

The Wiz Partner Program offers three tiers for partners — Registered, Focus and Premier — and includes expanded discounts and benefits based on achievement of revenue goals. Other key components of the new program include deal registration and access to sales, training and marketing materials through the Wiz partner portal.

Wiz expects it will “learn a great deal” from its partners in the future, Jones said, adding that his message to partners is to “please keep the feedback coming — we’re always listening.” The company is in its “infancy” of partnering with large global systems integrators, he noted — and may also explore working with additional categories of partners in the future, such as consulting partners, which have shown considerable interest in working with Wiz.


Island, a fast-growing startup that offers a security-focused web browser for businesses, on March 1 told CRN that it’s making a major bid to expand its work with partners with the hire of industry veteran Keith Weatherford (pictured) as its first channel chief.

Weatherford, who departed a role as global channel chief at cybersecurity firm Forescout, has joined Island as its vice president of worldwide channel sales. He told CRN that he sees a massive opportunity to help Island connect with the channel around bringing its secure browser to a wider number of businesses. Founded in mid-2020, Island only exited stealth in February 2022 and has already done a number of customer deals through channel partners.

With Weatherford now heading its channel efforts, Island is expecting to accelerate that work while also developing its first partner program, which should launch prior to 2024.

“[Island] definitely had channel impact in year one, but we see an opportunity to ramp that up significantly,” Weatherford said in an interview.

At one of Island’s early partners, Trace3, initial use cases have included allowing businesses to provide secure application access to their contractors, as well as enabling secure usage of BYOD (bring your own device) as well. Trace3 is “super excited about where Island is going,” said Katherine Walther, vice president of innovation at Irvine, Calif.-based Trace3, No. 36 on CRN’s 2022 Solution Provider 500. And given the huge and growing reliance on SaaS among many businesses—and the widespread usage of BYOD and contractors around the industry—“we think Island is an emerging technology that’s designed for every company, which is kind of unique these days,” she said.

Other uses for Island that could be significant include using the browser as an alternative to zero trust network access (ZTNA) and data loss prevention (DLP) solutions, according to Walther.

Stellar Cyber

Stellar Cyber, which offers an extended detection and response (XDR) platform focused on the needs of smaller cybersecurity teams, launched its first partner program focused on resellers and distributors in mid-March. The new InterSTELLAR Partner Program joins the company’s existing program for managed security service providers, the MSSP Jumpstart Partner Program, which has helped to drive strong growth with MSSPs, said Aimei Wei (pictured), founder and CTO at Stellar Cyber.

Now, with the new reseller-focused program, Stellar Cyber is aiming to work with more partners to reach a greater number of under-served businesses, “especially the small and medium-sized customers who have very lean security teams,” Wei told CRN. “Helping them out is what our mission and goal [has been since] the very beginning.”

The InterSTELLAR Partner Program consists of two tiers for partners — “5-STAR” and “STAR” — which offer benefits including market development funds, sales incentive rebates and lead sharing, as well as a partner portal with marketing and sales resources. At the 5-STAR level, partners can also receive access to additional resources such as a “white glove” enablement team, a branded open XDR training and certification platform and the company’s network of MSSPs.

Many partners today may not be able to offer 24/7 managed security services to customers, but most are interested in figuring out some way to get into the managed service space, said Randy Johnston, vice president of channels at Stellar Cyber. “We want our partners to be able to leverage our expertise on the managed services side,” he said.

Endor Labs

Code security platform Endor Labs announced in mid-March that it has launched a global partner program and is making a “100 percent commitment” to working with channel partners to drive its business. Endor Labs was founded by Varun Badhwar and Dimitri Stiliadis, former leaders of Palo Alto Networks’ Prisma Cloud division whose companies, RedLock and Aporeto, were acquired by the cybersecurity giant. The startup aims to provide enhanced security for the software supply chain, with a platform focused on enabling the secure use of open source software — spanning dependency selection, management and remediation of code security issues.

With the newly launched partner program, Endor Labs Hyperdrive, the startup is committing to a “channel-first go-to-market strategy,” the company said in a news release. Benefits include support around presales, deployment and customer success, the startup said. Partners can grow their businesses by launching new services based around the Endor Labs platform, the company said, including advisory services and services for building and running open source software lifecycle programs. In October 2022, Endor Labs announced raising a $25 million seed funding round from investors including Lightspeed Venture Partners, Dell Technologies Capital, Sierra Ventures, Palo Alto Networks CEO Nikesh Arora, Zscaler Founder and CEO Jay Chaudhry and Netskope Founder and CEO Sanjay Beri.

Menlo Security

Menlo Security announced on March 23 that it has updated the channel partner program to drive growth of its cloud security platform, which includes products such as secure web gateway, remote browser isolation, cloud access security broker, data loss prevention and cloud firewall. The enhancements to the company’s channel program include “teaming to provide additional margin, enhanced training, and comprehensive go-to-market plans,” the company said in a news release.

Partners of Menlo Security will also gain access to “specialized” reseller and distributor tools to help with on-boarding customers and provisioning users. Additionally, the vendor has updated its learning management system portal, as well as its sales and marketing training, and sales/pre-sales support. The company also said it will provide new tools to “selected” partners that can help with assessing customer exposure to threats that are particularly evasive to security controls (known as highly evasive adaptive threats, or HEAT). The first tool is HEAT Check, which “allows customers to run a light penetration test to identify if they are susceptible to HEAT attacks,” Menlo Security said.

Meanwhile, the company announced that Phil Hillhouse (pictured), who had most recently been with IronNet, has been hired as its vice president of sales for the Americas. Hillhouse — who prior to IronNet had held sales roles at Symantec and Zscaler — brings “extensive experience in channel sales and implementing cross-functional sales and business development” with solution providers, Menlo Security said.


Ermetic, a venture-backed cloud security vendor that specializes in automatically removing unneeded permissions in the cloud, announced the launch of a redesigned channel program on March 29. The company’s Above the Cloud Channel Partner Program consists of an offering customized for resellers and a separate offering tailored to managed security service providers (MSSPs).

Components of the new program include Ermetic’s first certification program around its cloud-native application protection platform (CNAPP), aimed at providing partners with key technical skills for working with the platform, said Scott Hoard (pictured), head of global channel sales for Ermetic, in a news release. The platform brings an identity-focused approach to unifying and automating a number of capabilities in cloud security — including cloud infrastructure entitlement management (CIEM), cloud security posture management (CSPM), cloud workload protection (CWP) and security for infrastructure-as-code (IaC), as well as Kubernetes security posture management.

Ermetic says it counts more than 90 channel partners in its program, including Trace3, GuidePoint Security, Optiv, Marcum Technology and Protiviti.


Okta announced March 29 it has overhauled its channel program to recognize and incentivize partners for contributing value in numerous ways beyond just transactional revenue, as the identity powerhouse looks to modernize its program with a broader set of potential “influencers” in mind, Okta Channel Chief Bill Hustad (pictured) told CRN.

The new Okta Elevate partner program features four tiers for partners and “new incentives at every level,” said Hustad, senior vice president of global partners and alliances at Okta.

The redesigned program aims to expand Okta’s channel efforts by accounting for partners such as managed service providers, service delivery partners and integration partners in a bigger way than in the past, he said.

With the program’s four tiers — starting with the entry-level Activate tier and continuing upward to Amplify, Ascend and Apex — “now you can move up in that model in many different ways,” Hustad said. “It’s not just, what revenue are you providing Okta? It’s now, what value are you creating to the customer?”

Along with redesigned tiers and incentives, Okta is also announcing three new specializations that partners can achieve — in Workforce Identity Cloud, Customer Identity Cloud and Workflows — to demonstrate their expertise in the areas. Okta is also launching a second way for partners to show their focus areas with the company’s products, with the debut of a new badging model. Partners will be able to earn badges for Managed Service Providers, Tech Champions or Public Sector Experts.


Lacework on March 28 announced a new program tailored to the needs of managed service providers as the cloud security vendor seeks to accelerate its deployments with MSPs and MSSPs, while also unveiling new benefits for partners in its broader channel program. The Lacework MSP Program, a subset of the company’s overall partner program, recognizes that “we can’t just pigeonhole that particular route to market and that partner ecosystem into a reseller program,” said Brian Lanigan (pictured), vice president of worldwide channel and alliances at Lacework.

The program also takes into account the fact that for many MSPs and MSSPs, “they actually go to market in the channel,” he said. “So they might deliver a managed service, and yet they might execute with a GuidePoint or an Optiv or somebody else, in terms of the transaction.” In those types of scenarios, Lacework will now credit both entities — the MSP/MSSP and the transactional partner — for the respective value that they create, according to Lanigan.

“And then the more they get certified on Lacework capabilities, and what they could deliver to the market, the more benefits we’re going to deliver to them in terms of incentives,” he said. For providers of managed services, that is often more about back-end incentives, he noted.

Other updates to the Lacework Partner Program include the launch of a cloud security assessments offering to partners. The offering consists of complimentary access to Lacework experts for one week, during which time the experts will perform “a bespoke assessment of the cloud security posture for the customer,” Lanigan said.