Kaseya has acquired Graphus, a cloud-based email security and phishing defense platform for Microsoft Office 365 and Google G Suite. The acquisition surfaced as part of this week's Connect IT Global 2020, a virtual Kaseya event for MSPs (managed IT service providers) and IT professionals that run the company's IT management and business automation software tools.
This is M&A deal 334 that ChannelE2E has covered so far in 2020. See the full M&A deal list here.
Graphus, founded in 2015, develops cybersecurity software that identifies social engineering, spear phishing, and malware attacks. Graphus of Reston, Virginia, has patented AI technology that can establish a "Trust Graph" between people, devices, and networks to reveal untrusted communication and detect threats, the company says. MSPs and IT professionals can activate Graphus in less than a minute, founder Manoj Kumar Srivastava indicates in his biography.
Kaseya Acquires Graphus: Security Capabilities Explained
Kaseya is integrating Graphus with software from ID Agent, another Kaseya-owned security platform. According to the buyer: "Today’s addition of Graphus allows customers to augment their existing ID Agent Digital Risk Protection (DRP) Platform – including Dark Web ID, a Dark Web monitoring platform, BullPhish ID, a phishing simulation and cybersecurity awareness training solution, and Passly, a secure identity and access management solution – with Graphus’ automated email defense solutions."
The Graphus solution provides three layers of defense for Microsoft Office 365 and G Suite emails, Kaseya says. Those layers are:
- TrustGraph automatically detects and quarantines any malicious emails that break through an organization’s email security platform or existing Secure Email Gateway (SEG), so the end user never interacts with harmful messages, Kaseya says.
- EmployeeShield alerts recipients of a potentially suspicious message by placing an interactive warning banner at the top that allows users to quarantine or mark the message as safe with a single click, Kaseya adds.
- Phish911 proactively quarantines suspicious emails for IT to investigate before an employee can be phished, Kaseya concludes.
Kaseya Acquires Graphus: Executive Perspectives
In a prepared statement about the deal, Kaseya CEO Fred Voccola said:
“The acquisition of Graphus catapults IT Complete to the next level and secures Kaseya’s position as the only comprehensive, tightly integrated, cost effective platform in the industry to deliver all IT and security management needs for MSPs and SMBs in a single platform. Kaseya can speak to Graphus’ impressive capabilities firsthand, having been a customer for nearly a year. Like most other businesses, we face countless phishing and identity-spoofing attacks every week. As an Office 365 shop, we were relying on O365’s Advanced Threat Protection, but found a lot was still getting through. With Graphus protecting over 3,200 Kaseya inboxes and processing over 22 million of our emails, we’ve eliminated about 250,000 unsafe emails, quarantined nearly 15,000 phishing attacks, and blocked 3,400 executive spoofing and 2,400 impersonation attacks. Having seen these outstanding results for ourselves, I’m even more excited to extend the same unmatched protection to our customers so they can close the security gaps of their cloud email platforms and, for MSPs, provide a low-cost solution to generate additional profits.”
Added Manoj Srivastava, CEO and co-founder of Graphus, who will now lead Kaseya’s cloud email security practice:
“We’re thrilled to join the Kaseya family and integrate Graphus into Kaseya’s IT Complete platform. We’ve already integrated Graphus and BullPhish ID to provide seamless provisioning of our automated phishing defense solution to existing BullPhish customers, and are diligently working to build additional integrations into IT Complete. With phishing attacks on the rise, Kaseya customers can now amplify their existing suite of security tools with Graphus’ powerful automated email defense to create the most comprehensive, end-to-end security stack possible.”
The Kaseya-Graphus deal will face competition. Multiple email security companies develop tools specifically for MSPs. Key names to know include include OpenText's Webroot, Mailprotector, Sophos and VIPRE Security, just to name a few. Upstarts like Cyberfish also are in the market.
Kaseya: Next Potential Moves & Competition
Kaseya, owned by private equity firms Insight Partners and TPG, is also marching toward a potential financial event. Kaseya in January 2020 declared that the company had a $2 billion valuation, and CEO Fred Voccola at the time predicted the company would be publicly held by mid-2021. We don’t know if or how the company’s plans have changed during the coronavirus economy.
Meanwhile, many of Kaseya's traditional MSP software rivals are also making security- and financial-related moves. Among the potential ecosystem developments to watch:
- Barracuda, owned by Thoma Bravo, is best-known as a security vendor. But the company also has RMM (remote monitoring and management) capabilities designed for MSPs.
- ConnectWise, also owned by Thoma Bravo, has been busy digesting the Continuum acquisition — though multiple sources indicate that the company could be looking to resume M&A activity soon. On the security front, ConnectWise recently introduced new Certify Advanced playbook and courses. and the company is prepping a virtual IT Nation Secure 2020 conference, while also emphasizing its Perch Security partnership.
- Datto, owned by Vista Equity Partners, filed for a potential IPO (initial public offering) in July 2020. That doesn’t guarantee an IPO will occur. But it does put the wheels in motion toward a potential financial event. And it may also attract potential suitors to Datto’s front door for M&A discussions, ChannelE2E believes. Also of note: Datto CISO Ryan Weeks has been one of the highest-profile educators in the MSP security market.
- NinjaRMM recently expanded into the data protection market, and CEO Sal Sferlazza remains focused on organic software development to further expand the company's overall MSP software platform.
- SolarWinds may spin off SolarWinds MSP, while continuing to emphasize security developments like SolarWinds Endpoint Protection (in partnership with SentinelOne). SolarWinds is publicly held, though Thoma Bravo and Silver Lake together own most of the company.
Visit this story for a closer look on next potential private equity moves in the MSP software market.
