TrapX Security, which is focused on defending against zero-day malware and APTs, has only recently entered the North American marketplace. It has, however, now announced a partner program to recruit, train and support partners, who are the company’s sole vehicle to market since they do not sell direct.
TrapX is another entry from the impressive Israeli high-end security sector. Founded in Tel Aviv in 2011, they were self-funded for three years, until they closed their Series A round of funding and began to expand into North America in March of this year.
“Our approach involves taking two technologies that have been around for a while – Honeypot technology and Deep Packet Inspection – and combining them into an intelligent grid,” said Carl Wright, TrapX’s General Manager of North America.
“Honeypot tech had been very manual and required a Tier 3 engineer, and it couldn’t scale out, so it wasn’t in the right place at the right time, Wright said. “We have created a virtual appliance that can monitor 16 different VLANs with honeypots. We also use Deep Packet Inspection, and compare what the DPI sees with real-time threat data we OEM from ThreatTrack. Combining these two technologies lets the DPI talk to the honeypots, and shares information based on what they are seeing in an automated way.”
It is a modern adaptive type of defense in depth, working from the premise that persistent attackers are going to get in, so the goal is not to stop them, but in real time to detect and block them, provide them with alternative targets, sandbox them, and let them execute their now-harmless attacks to get intelligence about them.
“It’s an effective response, and unlike some solutions of this type, you don’t get false positives,” Wright said.
Unusually for a company in Series A stage funding, TrapX has a product which is advanced enough to be attractive to managed security service providers (MSSPs), and these are a main target of TrapX’s partner recruitment efforts.
‘Usually, a Series A stage, a company would still be building out the product, but because we were self- funded for three years, we are shipping mature product with an advanced management infrastructure,” Wright said. “We also built multi-tenancy into it for the MSSPs. Usually, you wouldn’t go after MSSPs right away, and would focus on getting an enterprise foothold, but because the management infrastructure is so rich already and because MSSPs need to introduce new differentiated products to avoid just competing on price, this is very sweet for them.” Wright noted that this week, they signed up two of the largest MSSPs in Mexico.
Some of the MSSPs TrapX is signing up are VARs who have broadened out into the cloud to diversify their customer offerings.
“VARs who were classic box movers found they had to shift business to cloud, and many are converting box revenue into service revenue as MSSPs,” Wright said. “So we are signing up classic VARS and also signing them up as MSSPS which are two very different revenue models for us, classic reseller and monthly subscription.” TrapX also has strategic technology partners, who integrate TrapX technologies with complementary products or services.
Wright said they would like to sign up between 4 and 5 partners a month and are on target to do that.
Trap-X has placed its TrapX Security Operation Center on the Google Cloud Platform, which allows partners to deploy entire secure SOCs and sensors quickly and inexpensively.
“We teach VARs how to stand up an entire TrapX SOC on Google in a couple hours, and it’s tremendously inexpensive,” Wright said.
TrapX finds and pre-qualifies leads, which it turns over to partners after qualifying them on business need, sponsorship, and funding. It also offers partners MDF funds to drive qualified opportunities forward. Partners are also provided with support through joint road shows, lunch and learns, and a partner portal with a configuration tool, sales guides, technical resources, deal registration and other material.
“This is a very rich program, with some things that are a little different, Wright said. “For instance, we subsidize a large part of MSSP startup costs by letting them make a lot more revenue in the first year. We have gotten tremendous feedback from that. It’s a great model to help the partners onboard the technology.”