August is here, summer’s halfway gone, and while the weather may be slowing people down, the channel is heating up. From fresh funding and bold M&A moves to sneaky social engineering attacks and sales-boosting tech, we’ve rounded up the biggest stories MSPs need to beat the dog days of summer and finish the season strong.
And if you weren’t able to make it to ChannelCon 2025 in Nashville, no need for FOMO. Check out our coverage here.
Happy reading!
Products & Solutions
Liongard Introduces HunterX for External Threat Intelligence
Liongard, an attack surface management platform for MSPs, launched HunterX, a tool for external exposure scanning. The standalone tool enables MSPs to run ongoing and agentless scans for existing clients to help uncover new risks. In addition, Liongard says HunterX can be used as a sale tool, enabling sales teams to scan public domains, uncover exposed assets, and generate AI-enriched reports.
“HunterX is about partner power,” said Michelle Accardi, CEO of Liongard, in a press statement. “We’re giving MSPs the visibility and tools to drive pipeline, prove value fast, and grow their business.”
With HunterX, MSPs can run scans to uncover exposed domains, services, endpoints, and email records with zero setup required, according to Liongard. HunterX can also reveal if a domain’s credentials have been breached or leaked on the dark web. And MSPs can monitor prospects’ scan history, engagement, and conversion activity over time.
MSPs can trial HunterX or purchase credits; no LiongardIQ subscription is required.
Partnerships & Integrations
KnowBe4 SecurityCoach to Integrate with Microsoft Edge
KnowBe4, a human risk management platform, announced a new collaboration with Microsoft to integrate KnowBe4 SecurityCoach with the Microsoft Edge for Business browser. The integration leverages browser activity through native security signals to deliver learning opportunities within seconds of detecting risky online behaviors, such as password reuse, visits to blocked sites, or attempts to bypass security warnings.
“This new integration presents an ideal opportunity to turn people-centric cybersecurity risks into teachable moments that will ultimately help to better protect businesses,” said Stuart Clark, VP of product strategy at KnowBe4, in a press statement. “This integration continues KnowBe4 innovation with Microsoft, building upon our successful KnowBe4 Defend integration with Microsoft Defender for Office 365 that launched earlier this year.”
CyberFOX to Bundle Blackpoint Cyber Solutions
Blackpoint Cyber, an MDR provider, and CyberFOX, a privileged access management provider, announced that CyberFOX will become an official reseller of Blackpoint’s cybersecurity solutions.
In addition to bundled solution access, Blackpoint will provide all CyberFOX partners with dedicated technical support and resources, helping partners onboard quickly and maximize value. The partnership builds on the companies’ shared commitment to improving cybersecurity resilience for MSPs by reducing risk through consolidation, automation, and enhanced visibility.
Partner Programs
Sophos Unites Sophos and Secureworks Partner Programs
Cybersecurity company Sophos launched a new partner program that brings together Sophos’ and Secureworks’ global partners into one integrated ecosystem.
“The new Sophos Partner Program is designed to reflect the way partners want to build and scale their business today,” said Chris Bell, Sophos SVP of global channel, alliances, and corporate development. “It offers a flexible and profitable path to growth, whether partners are expanding their managed services, launching cybersecurity advisory offerings, or scaling existing practices. With this program, we’re doubling down on our commitment to deliver the tools, incentives, and support that help our partners lead in a rapidly evolving cybersecurity market.”
This launch marks a significant expansion in the services and support available to partners, according to Sophos, and enables partners to develop programs and services that align with their business models and go-to-market strategies. Partners now have access to a portfolio spanning endpoint, network, email, cloud security, XDR/MDR, identity threat detection and response (ITDR), and next-gen SIEM—all centrally managed through the Sophos Central platform and complemented by advisory and consulting services.
In addition, partners gain access to incentives, integrated sales and marketing resources, and advanced enablement through Sophos Academy’s new MDR Guided Onboarding and sales quick-start certifications. The program also provides expanded access to Partner Care, Renewal, and Customer Success teams, as well as free certification training for the entire partner community.
Sales tools available to partners include an AI Sales Assistant that provides real-time guidance on portal navigation, resource location, and sales insights. Sophos also enhanced the partner portal with improved guided quoting, device and license management, opportunity management, and compliance dashboards.
Current partners gain all the new benefits automatically.
Cynomi Launches ELEVATE Partner Program
Cynomi, an AI-powered vCISO platform provider, launched its ELEVATE partner program. ELEVATE is built around a tiered structure and offers support, training, tools, and co-marketing opportunities and rewards performance as partners grow.
“With our recent Series B investment, we are uniquely positioned to invest even more in the success of our partners,” said David Primor, Ph.D., co-founder and CEO of Cynomi, in a press statement. “ELEVATE is more than just a partner program, it’s a growth engine that enables our partners to scale their cybersecurity offerings, differentiate their services, and unlock new value streams with speed and confidence … This is just the beginning of what we’re building to support our growing partner ecosystem.”
M&A – MSPs
CompassMSP and BlackPoint IT, both with multiple locations throughout the country, merged to form a nationwide platform operating as CompassMSP. Michael Rapp is CEO of the newly combined company … Evergreen, a family of managed IT services and software partners, expanded into Ireland with the acquisition of Spector, a Dublin-based IT MSP with a 23-year track record. Spector will continue to operate independently under Lyra Technology Group, and Jamie Crooks, previously operations director, steps into the CEO role. Founder Mark Hurley will transition to chairman.
M&A – Vendors
Palo Alto Networks gets into identity security with its agreement to acquire CyberArk. CyberArk’s capabilities will be deeply integrated into Palo Alto Networks’ Strata and Cortex platforms, leveraging AI to deliver identity-aware security and real-time response across the entire enterprise.
“Our market entry strategy has always been to enter categories at their inflection point, and we believe that moment for identity security is now,” said Nikesh Arora, chairman and CEO of Palo Alto Networks, in a press statement. “This strategy has guided our evolution from a next-gen firewall company into a multi-platform cybersecurity leader. Today, the rise of AI and the explosion of machine identities have made it clear that the future of security must be built on the vision that every identity requires the right level of privilege controls.”
The transaction has been unanimously approved by the boards of directors of both Palo Alto Networks and CyberArk, and is expected to close during the second half of Palo Alto Networks’ fiscal 2026, subject to the satisfaction of customary closing conditions, including the receipt of regulatory clearances and approval by CyberArk shareholders.
Fundraising
Attack surface management technology provider Cavelo secured a CAD$5M seed extension financing round led by Inovia Capital, a Canadian-rooted VC firm. The investment will support product development and sales and marketing efforts to meet growing customer demand.
“Cavelo’s growth over the past year has been nothing short of incredible, driven by our strategic pivot to a 100% channel-first model. We’re meeting the moment for MSPs and MSSPs who are hungry for new ways to deliver meaningful risk reduction to their customers,” said James Mignacca, CEO at Cavelo, in a press statement. “Our platform is redefining data security posture management—giving service providers the visibility they need to understand and act on their customers’ risk exposure, while empowering end customers with real, measurable improvements to their security posture. This funding fuels our continued momentum and strengthens our commitment to our partners and their success.”
People
Addigy, a provider of MDM software for Apple devices, appointed Jason Tober president and CEO, effective immediately. Tober will report to the Addigy board of directors as well as join the board. Tober most recently served as a GM with PAR Technology … KnowBe4, a human risk management platform, appointed Keith Bird executive vice president, overseeing international business in Europe, Middle East, Africa, Asia-Pacific, Japan and Latin America. Bird has held senior leadership and executive roles at global companies including Proofpoint, F5, Symantec, Checkpoint, SonicWALL, Extreme Networks and EDS … NinjaOne, the automated endpoint management platform, appointed Geoff Davies VP and country manager for Australia and New Zealand (ANZ). Prior to NinjaOne, Davies led enterprise sales for ServiceNow in ANZ for more than a decade.
By the Numbers
Alarming Rise in Sophisticated Social Engineering Attacks
New research from LevelBlue reveals a dramatic surge in social engineering attacks and faster breakout times by increasingly sophisticated adversaries, driving a threefold surge in cybersecurity incidents during the first half of 2025. The second edition of the LevelBlue Threat Trends Report, Fool Me Once: How Cybercriminals are Mastering the Art of Deception, also reveals that while business email compromise (BEC) remains the most common method for initial access, non-BEC incidents rose by 214%. And once attackers are in, the average breakout time (or how fast attackers can move laterally after initial access) is under 60 minutes, and in some cases, less than 15 minutes.
The massive uptick in social engineering attacks, accounting for 39% of initial access incidents observed during the first half of the year, can be attributed to the increasing number of fake CAPTCHA social engineering attacks, especially ClickFix campaigns, which jumped 1,450% from the second half of 2024 to the first half of 2025. These attacks leverage user trust and urgency to easily gain access into organizations’ networks.
“A striking development in the first half of 2025 is how much more sophisticated threat actors have become at deception,” said Fernando Martinez Sidera, lead threat researcher at LevelBlue, in a press statement. “They’re moving beyond traditional BEC schemes and using targeted social engineering to manipulate users into opening the door. Once inside, they’re deploying remote access trojans and quickly covering their tracks, allowing them to move laterally through networks with alarming speed. This isn’t a one-off trend—we fully expect this shift to continue throughout 2026.”
Best Practice Recommendations
The report, which analyzed cyber threat activity from January 1 through May 31, 2025, has some recommendations for MSPs:
- Educate customers on fake CAPTCHA attacks like ClickFix and other browser attacks.
- Consider restricting PowerShell or command prompt use for non-administrator accounts.
- Develop and enforce caller verification protocols and processes, such as MFA, code words or phrases, or identity verification platforms.
- Enforce usage of MFA and certificates for VPN access. Deploy a jump box if RDP must be used from outside the network.
- Remove Quick Assist from all end-user machines unless explicitly required for business and IT services.
- Follow guidance on preventing the download and execution of RMM software. Threat actors will have victims download other tools if Quick Assist is not available during a fake help desk attack.
- Stay up to date on vulnerabilities and patch releases related to applications, software, and hardware. Patch as soon as possible, especially if there is a proof-of-concept exploit released.