ID Agent has augmented its flagship dark web monitoring service with a phishing simulation and security awareness training platform.
The new solution, named BullPhish ID, officially launches tomorrow. Bowie, Md.-based ID Agent plans to sell it and its Dark Web ID product together as a single offering. A new pricing scheme also set to debut tomorrow, will make that consolidated package available at rates well below what many MSPs pay for dark web protection alone at present, according to Dan Tomaszewski, ID Agent’s vice president of channel success.
“Nobody else in the industry is doing what we’re doing at that price and giving you so much value,” he says.
BullPhish lets channel pros deliver mock social engineering attacks to their customers automatically. The system then follows up with videos and quizzes that teach best practices for safe computing. That material is designed to be brief, so end users can complete it without taking large amounts of time away from work.
“We’ve broken it up into more digestible chunks,” says ID Agent CTO Nick Streaker.
MSPs can send attacks to users at staggered, random dates and times, so all employees don’t receive them at once and alert one another that a security awareness campaign is underway.
A new reporting tool provides unified data on a client’s latest awareness education, anti-phishing training, and dark web monitoring results in a single document. “It will really give the MSP and their end users a true look at what’s going on from a security risk [perspective],” Tomaszewski says, adding that reports will call out users who not only clicked on a fake phishing link but entered data about themselves on the fake landing page as well.
“We can actually tell you that one of your users went as far as submitting their username and password,” he says.
Both the reporting and staggered scheduling features, Tomaszewski notes, were requested by ID Agent partners, who played a direct part in designing the new solution. “This is really a customized platform to suit the needs of what the MSPs are looking for today,” he says.
According to Streaker, that includes easy installation and operation. Users need only upload user data, select training courses, and set a delivery schedule. “The barrier to entry from a learning curve perspective is extremely low,” Streaker says. “Everything has been packaged and labeled and is ready to go.”
Tomaszewski adds that ID Agent will assist with the setup and configuration process as well, and provide ongoing instruction on the latest security threats and trends. Partners can then position themselves as subject matter experts by sharing that information with their clients.
ID Agent’s new pricing model begins at $300 a month for 30 customer domains containing up to 500 users each. Larger subscriptions come with lower rates that drop as far as $7.69 per domain monthly. “Comparing it to the industry, we’re looking at saving at a minimum for most people maybe between two to three grand a year,” Tomaszewski says, noting that all subscriptions include the incident response advisory service ID Agent rolled out last year, the sales assistance program it added in January, and lead generation support.
Existing ID Agent partners will receive access to BullPhish ID and updated pricing this week. Many of them, according to Tomaszewski, will not only end up paying less than they do currently for dark web monitoring and end user training but have fewer vendor relationships to manage as well.
“A lot of MSPs are going to multiple different vendors,” he notes. “This allows them to use one vendor, get the price point down, but deliver a really good security product.”
According to Streaker, new functionality allowing MSPs to direct targeted training to specific end users who show up frequently in dark web scans will arrive in the second quarter of the year. Additional, unspecified, integration between BullPhish ID and Dark Web ID is on the vendor’s roadmap for delivery this year as well.
So too, Streaker adds, is integration with more PSA solutions, including Kaseya BMS. At present, ID Agent products share information with ConnectWise Manage and Datto Inc.’s Autotask solution.
ID Agent, which had 1,000 partners as of last October, now has more than 1,300. According to Streaker, expanding into end user education was “the next logical step” for the company, which plans to introduce more security tools this year and beyond.
“We’re evaluating a lot of different things right now,” says Tomaszewski, noting that a recently formed partner advisory council is playing a central part in that process.
Recognizing that even the most ingeniously crafted security software can be foiled by uninformed end users who click suspicious links, many security vendors have rolled out awareness training solutions in recent years. Sophos, for example, shipped an anti-phishing education tool a little over two years ago. Later that year, Webroot launched a solution based on technology acquired along with Portland, Ore.-based education vendor Securecast. Barracuda Networks, which bought training vendor PhishLine LLC last January, unveiled a solution of its own for midsize companies in June.
Two weeks ago, meanwhile, Master MSP Continuum announced a risk assessment and reporting solution equipped with dark web monitoring functionality. Users of that offering receive a discount on Webroot’s security awareness training service.
Global outlays on security hardware, software, and services will climb at a 9.9 percent CAGR through 2022 to $133.7 billion, according to IDC.