From the Desk of Blackpoint’s New CTPO | My Journey to Blackpoint and Where We Go From Here

If we broadly look at the Managed Detection and Response (MDR) space that Blackpoint is in, this space is a rapidly growing domain in cybersecurity. One of the more significant trends in cybersecurity in recent years has been its widespread adoption by organizations worldwide. According to Frost & Sullivan’s 2023 Voice of the Enterprise Security Customer survey, 36% of global organizations were using an MDR service at the beginning of 2023, with another 24% planning to invest in one by 2024. The driving factors are the dearth of cybersecurity talent, the rapidly evolving threat landscape, and increased risk due to a growing attack surface. These factors will continue to drive organizations to outsource their security needs either fully or to augment their internal security teams. So, the need for MDR services will remain high for the foreseeable future.

With that said, there are several MDR vendors out there, and it can be hard to pick one who you can trust and partner with. The key aspects to look at are:

• Does the MDR vendor have its own tech stack, or are they using other vendors to create a solution?
• Do they truly respond by remediating and eliminating the breach if and when it occurs?
• How much does their service cost?
• Do they have a good understanding and empathy for you as a customer?

When I first looked at Blackpoint, I found that they use their own products to detect and respond to all threats, and they continue to grow and invest their technology. Their technology differentiation from other MDR vendors who use SIEM-based techniques, is their lateral movement detection approach to instantly detect and eliminate threats in their earliest stages.

That organically results in a reduced number of alerts, quicker response by their world-class security operations center (SOC) team, and extremely competitive pricing for their customers. They are one of the few MDR vendors who perform full remediation of cybersecurity threats on behalf of their customers, giving them peace of mind. The Blackpoint SOC’s average time to respond, remediate, and call their customers for cloud incidents is 7 minutes. It’s one of the best among its competitors. With their several years of experience in keeping the bad guys out, Jon Murchison and others on the team bring that empathy to their customers, which is so important.

I have spent years on the proactive side of cybersecurity, and this is an interesting opportunity to use my expertise and leadership to influence Blackpoint’s product vision and go-to-market on the reactive side.

The team is a highly motivated and sharp bunch of folks who are energized by what lies ahead of them. Accel and Bain, Blackpoint’s main investors, have a great reputation and solid track record.

When you consider all these ingredients together, you see a great recipe for success for Blackpoint and its partners.

Most MDR vendors focus on providing only reactive services for threat detection and response. There is an opportunity for MDR vendors to provide a complete end-to-end managed service for prevention, detection, and response. Including risk-based proactive techniques to identify, prioritize, and remediate threat exposures before they lead to a breach is a holistic approach that provides a better security outcome.

Customers ultimately want their MDR providers to help them remain secure. It starts with them:

• practicing good cyber hygiene across their organization,
• having a good understanding of their environment and their attack surface,
• prioritizing remediation of threat exposures, and
• having the right solutions in place for threat detection and response.

Blackpoint is uniquely positioned to provide a complete managed service, powered by its platform, for risk-informed prevention, detection and response to its core customer base of small- and medium-sized businesses (SMBs) and managed service providers (MSPs), as well as to the mid-market enterprise.

My vision is that Blackpoint’s technology will include one endpoint agent to collect various telemetry, one platform that supports a common security data fabric for all agent and partner vendor data, and one console to various modules with a cohesive customer experience geared towards prevention, detection, and response.

That, coupled with vendor integrations to pull data into Blackpoint’s platform from best of breed products, enables customers to rely on a MDR provider they can trust, while not having to lock in with any particular cybersecurity vendor. That is what a true MDR platform should look like, and is different from the platformization approach some are taking of cobbling point products together.

The other logical evolution is the adoption of AI to reduce the dependence on humans in SOC operations to advanced investigations. These moves, along with its competitive pricing, will position Blackpoint extremely well to further grow its position as a leader in the MSP and SMB markets, as well as help rapidly displace other vendors in the mid-market enterprise.

Manoj Srivastava

Chief Technology and Product Officer

Connect with Manoj on LinkedIn.