Why Identity Protection Is Blackpoint Cyber’s Foundation, Not a Feature 

Today, identity security is finally getting the attention it deserves. Across industries, businesses are waking up to the fact that identity compromise is the leading cause of breaches, ransomware, and cloud exploitation. According to Microsoft’s Secure by Design report, organizations face approximately 600 million identity attacks every day. But for those who have live and breathe cybersecurity, identity security has always been the foundation of true protection. 

At Blackpoint Cyber, we have championed identity security since the very beginning, not as an add-on, but as a core element of our mission to deliver real-world, unified, cybersecurity outcomes. 

A Legacy of Identity-First Security 

Since Blackpoint was founded in 2014, identity monitoring and security has always been at the forefront. While other vendors concentrated on persistence mechanisms that simply detect how attackers maintain access or after-the-fact event logs in a SIEM, we focused on addressing the root cause by protecting identities and stopping attacks before they could take hold. 

Our understanding of identity is rooted in years of experience within government organizations like the NSA, where we analyzed some of the most significant cyberattacks and consistently found one common denominator: identity takeover and abuse. 

Since inception, we have not chased trends or pivoted strategy. Identity security has been woven into Blackpoint’s DNA for over a decade. 

A Timeline of Blackpoint’s Identity Investments 

• 2014:  
  • Blackpoint is founded by Former NSA operator, Jon Murchison. 
• 2017:  
  • SNAP-Defense Launch: After three years of rigorous R&D, iterative development, and validation by real-world penetration testers, Blackpoint launched SNAP-Defense 2.0, the industry’s first purpose-built MDR platform. Backed by patented technology awarded in 2018, SNAP-Defense laid the groundwork for our Managed Detection and Response service, the first in the industry to focus on identity as the critical layer of defense. 
• 2020:  
  • 365 Defense Launch: The first MDR offering purpose-built for Microsoft 365. Designed to monitor and secure M365 user accounts and identities, it extends Blackpoint’s identity protection into cloud environments—anticipating the industry’s shift from on-premise to cloud-based attacks. 
• 2021:  
  • Cloud Response Release: As cloud identity attacks accelerated, we improved our cloud MDR offering by building a new cloud MDR from the ground up: Cloud Response in June of 2022. This solution focuses heavily on attacks against cloud identities and increasing detections by adding IP enrichment, improved geo-tagging, and identification of VPN and tor use. 
• 2023:  
  • Expanding Across Major Platforms: We expanded Cloud Response coverage to include Azure SSO and Google Workspace, further strengthening identity protections across leading cloud providers and for more businesses, including non-profits, startups, and educational institutions. 
• 2024:  
  • Cisco Duo Integration: With the expansion and adoption of Single Sign-On (SSO), Blackpoint again led the industry by bringing MDR to identity provider platforms, adding MDR for Cisco Duo. 
• 2024:  
  • Native AI Cloud Response Enhancements: After a heavy investment in AI model development in 2023, we turned on our first native AI models for Cloud Response, expediting event triage and prioritization and allowing Blackpoint’s human-led SOC to detect and respond faster and smarter to cloud identity attacks. Specifically, our AI models automatically identifying alerts that meet criteria for account disablement, ensuring faster response to identity-based risks. 
• 2025:  
  • CompassOne: The Unified Security Posture and Response platform, that puts identities, assets, and cloud environments at the center of protection. Asset Inventory, Cloud Posture Management, improved Cloud MDR, and Vulnerability Management further enhance our ability to detect, prioritize, and respond to identity-driven risks in real time. 

Identity First Then Now and Always 

Identity is not just “one” component of cybersecurity. It is the critical surface attackers target to gain access, elevate permissions, move laterally, impersonate others, exfil data, and cause damage. Whether through phishing, credential theft, or exploitation of system vulnerabilities and cloud misconfigurations, adversaries target identities.  

Blackpoint’s long-standing commitment to identity protection ensures our partners and customers to stay ahead of threats, proactively defending the most critical layers of security to protect both their business and the clients who rely on them. 

For a deeper look at why identity-based attacks are the foundation of modern cyber threats, explore: 

• Identity is the Foundation of Today’s Cyber Attacks 
• Contextualizing Identity-Based Attacks for a More Secure Cloud 

Continuing Our Investment 

Blackpoint Cyber has been a leader in identity security for over a decade and we continue to push the boundaries on proactive and reactive identity protection. The attackers are not stopping; and neither are we. Instead, we are rapidly working to strengthen our platform with more integrations, improved and expanded native AI capabilities, and broader cloud-native protections. 

Because securing identities is not a trend. It is cybersecurity. 

Secure every moment. Protect every identity with Blackpoint Cyber.