The convergence of cloud security solutions is a market factor that MSSPs and MSPs cannot ignore, the latest example being the integration between Skyhigh Security and Trellix.
Specifically, the integration involves the Skyhigh Secure Web Gateway (SWG) for Cloud and Trellix Intelligent Virtual Execution (IVX) Cloud.
“This new cloud to cloud integration offers significant benefits for MSSPs and MSPs alike by creating new service opportunities and enhancing the overall value we deliver to customers,” Rakesh Lodha, senior director of Solutions and Architecture at Skyhigh Security, told MSSP Alert. “By addressing use cases such as blocking unknown and zero-day malware, viewing indicators of compromise and accessing data forensics, MSSPs and MSPs can build a business around Skyhigh Security and Trellix to address it.”
Lodha noted that the integration allows MSSPs and MSPs to offer an expanded portfolio of solutions to their customers while generating additional revenue and strengthening customer relationships through the provision of Trellix IVX and Skyhigh cloud solutions.
“By introducing this advanced security layer, providers are able to upsell Skyhigh Security’s Secure Web Gateway (SWG) solution to existing Trellix customers, positioning them as key partners in their clients’ cybersecurity strategies,” Lodha said. “The extra layer of malware scanning, zero-day threat detection, and comprehensive data forensics enhances customer value and helps organizations protect their sensitive data and employees more effectively.”
The new integration also provides an opportunity for MSSPs and MSPs to address the evolving needs of organizations transitioning to hybrid environments through the engagement of on-premises SWG and Trellix users.
“Overall, it boosts the value proposition that MSSPs and MSPs can offer, increases customer stickiness, strengthens security postures and opens up new avenues for revenue,” Lodha said.
Benefits and Uses of the Skyhigh Security-Trellix Integration
The cloud integration provides an additional layer of malware scanning, zero-day threat detection and comprehensive data forensics for the cloud, helping them guard their sensitive data and protect employees. Here’s how:
- Block unknown and zero-day malware. Skyhigh SWG scans a web object for viruses or other malware and if any suspicious web object is found, it is sent to Trellix IVX for additional scanning. Trellix’s sandbox technology meticulously analyzes the file within a controlled environment, observing its behavior and assessing whether there’s a potential threat.
- Access data forensics. The additional layer of Trellix IVX offers a threat detection sandbox that pinpoints known and unknown malware. This sandboxing offers a detailed forensic report explaining the attack vector and its potential impact. The incident is mapped to the MITRE ATT&CK framework, providing insights into modes of operation. This information, when shared with security operations teams, can enable faster decision-making during critical incidents.
- View Indicators of Compromise. Trellix offers a detailed report on Indicators of Compromise (IOCs) — traces left by attackers or malicious software — to aid in identifying security incidents. IOCs empower enterprises to find other unknown malware in their environment and enable more effective threat hunting. Based on the results, the security operations team can decide to block or allow the object on Skyhigh SWG.
Skyhigh Security, Trellix Partner with MSSPs, MSPs
In February 2024, Skyhigh Security announced an updated MSP specialization as part of the Skyhigh Altitude Partner Program. Soon, MSPs will be able to showcase their expertise by completing a specialized MSP certification offered at no charge to Altitude partners, the company said. In addition, the program enables customers to outsource the cybersecurity function to specialized partners who have the expertise to manage security for them.
Trellix partners with MSSPs and MSPs through its Xtend Partner Program, Security Innovation Alliance and OEM & Embedded Alliance. Trellix is an open and native extended detection and response (XDR) platform provider, offers customers a signatureless analysis engine that inspects suspicious network traffic to identify attacks evading traditional signature and policy-based defenses. The company
The Cloud Integration Trend
The integration of Skyhigh Security and Trellix cloud security solutions signals a shift towards integrated, cloud-native and intelligence-driven cybersecurity solutions. Here are some of the most well-known integrations:
- Microsoft Defender for Cloud integrates with Palo Alto Networks' Prisma Cloud to provide customers with enhanced visibility and security for hybrid and multi-cloud environments.
- CrowdStrike’s Falcon endpoint protection platform integrates with Zscaler’s cloud-native security service edge (SSE) solution.
- Tenable’s vulnerability management solutions integrate with Splunk’s security information and event management (SIEM) platform to offer better risk management and compliance reporting in cloud environments.
- Check Point integrates its CloudGuard platform with CyberArk’s privileged access management (PAM) solutions, providing strong access controls and real-time threat detection for privileged accounts.
- Cisco SecureX integrates with Google Chronicle to deliver enhanced threat detection and incident response for cloud and hybrid environments.
- Fortinet’s security solutions, such as FortiGate firewalls, integrate with AWS Security Hub to provide cloud-native threat detection and automated incident response.
