WhiteHat Security Debuts New Partner Program To Boost DevSecOps

WhiteHat Security plans to get the channel more involved in its application security business through high-touch engagement and deep technical training.

The San Jose, Calif.-based application security vendor said it’s doubling down with the channel around DevSecOps to more effectively address an area of high customer demand. DevSecOps enables the channel partner to engage with a non-traditional buyer within the customer's organization and attach on high-margin tools and services such as static code analysis, said John Atkinson, VP of partnerships.

Although DevSecOps has been a big focus for WhiteHat's own direct sales force, Atkinson said the internal training and materials weren't getting exposed to partners, who as a result weren't taking advantage of the opportunity. The company hopes the new program will provide partners with the knowledge and tools necessary to position and sell into the development side of the business, he said.

[Related: WhiteHat Security Services Find Web Site Flaws]

The traditional reseller community started off selling hardware, Atkinson said, and as a result often doesn't see itself as being relevant to software or application developers. WhiteHat wants to move partners from selling a single product line to the company's entire suite, according to Atkinson.

Partner business managers will help the channel cross that bridge by delivering detailed training around what DevSecOps is from a sales standpoint to help solution providers better understand what their opportunities are, Atkinson said.

And on the technical side, Atkinson said WhiteHat is offering a multi-day, online certification program so that partners can present intelligently around source code, dynamic testing and mobile. DevSecOps is focused on the integration of security practices into the DevOps process, driving ongoing, flexible collaboration between release engineers and security teams.

The WhiteHat Security Partnership Program will have three tiers and serve between 100 and 125 solution providers in total, according to Atkinson. The first level will provide channel partners with self-service training and tools, focus on building a business plan around DevSecOps, and have between 60 and 70 solution providers, Atkinson said.

Once partners get to Level 2, Atkinson said they will be assigned a partner business manager and gain access to lead generation resources as well as marketing events and campaigns. WhiteHat expects to have between 30 and 40 Level 2 partners, Atkinson said, and each partner business manager will be assigned to no more than 10 solution providers so that they have the time to provide proper support.

WhiteHat's 12 to 14 Level 3 solutions provider will have a personal partnership team aligned to their growth and profitability models, Atkinson said. Level 2 and Level 3 partners are expected to generate at least $250,000 to $500,000 of DevSecOps revenue each year, according to Atkinson.

"If the partners aren't making money, this isn't working from them," Atkinson said.

Mission Critical Systems has been a WhiteHat partner for five years, but has up until now sold them when the opportunity arises rather than treating it as a focus area for the business, according to Dave Doebler, director of sales for the Pompano Beach, Fl.-based company.

But that's set to change thanks to greater interest in application security testing as well as a program that makes it more profitable for partners to sell WhiteHat, Doebler said. Programming and app teams are partnering much more closely with security, Doebler said, and are therefore building app sec testing into their coding methodology.

As security people increasingly become part of the app dev process, Doebler said customers are more regularly bringing the idea of application security testing up with Mission Critical Systems, Doebler said. It's much easier to code and test at the same time rather than putting an application into production and then having to rebuild the code if a security vulnerability is found, according to Doebler.

WhiteHat's new partner program also makes working with the company more enticing, Doebler said, thanks to a deal registration program that protects solution providers doing the heavy lifting and rewards them handsomely for going and getting new customers.

"I think the partner program presents a great opportunity for us to lead with WhiteHat," Doebler said. "They are becoming more relevant to our business."