Cue the screech and hiss of an AOL dial-up connection. After 30 years, AOL announced it’s pulling the plug on that service on September 30. (Remember kicking your kids off the internet so you could use the phone? No? Just boomers like me?) While clunky, that connection to the internet felt full of promise. Fast forward to today, and the channel is dealing with a very different kind of connection and promise—AI that can think, learn, and act on its own without waiting for you to hit “connect.”
This week’s channel news reflects those leaps and bounds in technology, from Trend Micro’s launch of an agentic AI-powered SIEM to Titan’s $74M bet on building an AI-enabled MSP rollup. We’ve also got ScalePad making compliance easier (and cheaper) for MSPs, SonicWall rolling out firewalls with built-in Zero Trust, and AvePoint reimagining its partner program to reward engagement over revenue alone. Plus, there’s new data on the rise of social engineering and data theft that you’ll want to talk with clients about.
Happy reading!
Products & Solutions
ScalePad Announces Free GRC Platform Built for MSPs
ScalePad announced two new tiers of the ControlMap MSP-native compliance platform: ControlMap Free and ControlMap Essentials.
ControlMap Free is designed to give MSPs a fast, zero-cost way to enter the compliance market, according to ScalePad. MSPs can activate a client portal, run guided assessments, and identify risks using frameworks such as NIST CSF, HIPAA, CIS Controls, GTIA Trustmark, Cyber Essentials (UK), Australia’s Essential 8, CyberSecure Canada, and more.
ControlMap Essentials enables MSPs to move from assessments to ongoing delivery of vCISO services on any one of more than 60 supported frameworks, including SOC 2, ISO 27001 and CMMC. MSPs can leverage risk registers with pre-built risk sets, policy management with templates, evidence tracking, and workflow integration with ScalePad Lifecycle Manager.
The new tiers are in addition to ControlMap Pro, which offers full audit readiness with advanced capabilities such as multi-framework support, integrations for automated monitoring and continuous evidence collection, vendor risk management, and a fully featured Trust Center.
“We’re giving MSPs a way to immediately stand up a client-facing compliance program, grow it profitably, and deliver true strategic value—all inside a platform built just for them,” said Chris Day, founder and CEO of ScalePad, in a press statement. “We’ve removed the cost and complexity from building a risk management practice and given MSPs the ability to start delivering measurable compliance outcomes from day one.”
ControlMap is fully integrated with ScalePad’s broader platform, including Lifecycle Manager and ScalePad OS. This allows MSPs to embed compliance into QBRs, budgeting, and long-term client planning.
SonicWall’s New Firewalls Feature Built-in Zero Trust and Unified Management
SonicWall introduced nine new firewalls, part of its Generation 8 portfolio. The models range from the ultra-compact TZ280 to the high-performance NSa 5800.
Every model is equipped with cloud-native management built for service providers through SonicWall Unified Management, built-in zero trust capabilities, the latest SonicOS enhancements, and is protected by SonicWall’s embedded cyber warranty. Additionally, the entire Generation 8 lineup can be purchased with the Managed Protection Security Suite (MPSS), enabling co-managed security services delivered by the SonicSentry team of security professionals.
According to the company, this announcement underscores SonicWall’s commitment to delivering integrated cybersecurity solutions that address today’s threat landscape from the endpoint to the local network to the cloud.
“We’re not just delivering a new set of high-performance firewalls, we’re preparing our partners and their customers for the latest threats and market requirements,” said Bob VanKirk, president and CEO of SonicWall, in a press statement. “Our new firewall lineup is just one part of a broader, unified platform strategy. With SonicWall Unified Management, embedded ZTNA, the SonicSentry managed services team, and the industry’s first built-in cyber warranty, we’re helping partners shift from resellers to high-value security providers.”
Trend Micro Launches Agentic SIEM
Trend Micro announced new agentic AI technology designed to solve the traditional pain points associated with Security Information and Event Management (SIEM). When combined with Trend’s digital twin capabilities it will help to proactively mitigate security risks.
Trend’s Agentic SIEM leverages the next generation of AI technology to proactively think, learn, and act, according to the company.
The agentic SIEM supports 900+ data sources and reduces onboarding for new log types. In addition to Trend’s XDR, the agentic SIEM brings in third-party telemetry to provide a full view of the environment. It also offers up to seven years of archival data retention and two years of analytic retention for enhanced detection, threat hunting, and compliance support.
Partner Programs
AvePoint Launches Enhanced Points-Based Global Partner Program
AvePoint, a provider of data security, governance and resilience solutions, unveiled its modernized Global Partner Program, which the company says reinforces its commitment to expanding its channel service delivery ecosystem and investing in partner growth. The new points-based system rewards active participation, tracks meaningful performance, and now offers partner expanded access to technical resources, certifications, and sales enablement.
Now, partners advance through tiers based on engagement and expertise rather than revenue alone. This enables smaller but committed partners to access premium benefits and support, while also equipping larger partners with additional means to earn points such as renewal rates and co-marketing engagement.
In addition, higher-tier partners now have access to white glove benefits along with lead sharing, co-sell support, business investment funds, and dedicated solution engineering resources.
“Today’s channel landscape demands a more flexible approach that recognizes the diverse ways partners create value,” said Scott Sacket, SVP of partner strategy for AvePoint, in a press statement. “Our new points-based program acknowledges that successful partnerships are built on competency development, pre-sales engagement, and customer success in critical areas like data security. By rewarding these activities, we’re creating a framework that helps our partners transition to high-value service offerings while strengthening customer relationships.”
Partnerships & Integrations
GoTo Announces LogMeIn Resolve Integration with SentinelOne EDR
GoTo integrated LogMeIn Resolve with the SentinelOne Singularity Platform for EDR. The integration provides MSPs and IT departments with access to accelerated threat detection, 24/7 intelligent monitoring, real-time response to incidents (respond instantly from Resolve to remediate any detected threat, mitigating risks and minimizing impact), and enhanced forensic capabilities such as granular event logs, telemetry, and root cause data.
Absolute Security Integrates with ConnectWise RMM
Absolute Security has achieved a certified integration with ConnectWise RMM on the ConnectWise Asio platform for Absolute Resilience for MSPs. Available in the ConnectWise Marketplace, Absolute Resilience for MSPs provides recovery, compliance, and protection for MSP-managed endpoint devices.
The solution can monitor key device attributes and self-heal critical security applications. It can also restore PCs back to a fully secure, compliant, trusted, and operational state after an IT or security incident—remotely, with a single click. In addition, it can freeze compromised endpoints, securely wipe data with proof of erasure for audits, enforce encryption, and maintain rules-based geofencing for mobile PCs
Absolute Security is partnered with 28 of the world’s leading PC OEMs and embedded in the firmware of more than 600 million leading Windows endpoints.
M&A – MSPs
New AI-Enabled MSP Rollup Acquires RFT, Raises $74M
Titan, an AI holding company, acquired RFA, an MSP serving the financial services industry, with the goal of building an AI-enabled MSP. The company also announced $74M in funding led by General Catalyst.
Titan says it is reimagining what the future of IT services looks like by combining augmented AI and human service. With the acquisition of RFA, Titan is establishing its first MSP platform to operationalize and scale its augmented AI capabilities.
“We believe the future of IT services isn’t just AI or people. It’s the combination of the two,” said Saurin Patel, co-founder and CEO of Titan, in a press statement. “Our mission is to empower the humans behind the screen with AI that makes them faster, smarter, and more strategic. This funding and our acquisition of RFA marks the first step in building a new kind of MSP: one that blends deep, service-focused expertise with the scale and tech DNA of a software company.”
“We believe we’re at the start of a major shift in how IT services are delivered,” said Marc Bhargava, Managing Director at General Catalyst, in a press statement. “Titan is building, in our view, the infrastructure and intelligence layer to power the next generation of MSPs, blending the scalability of software with the nuance and care of human service. We’re thrilled to back this team as they set out to reshape an entire category.”
Distribution & Marketplaces
1Password’s 1Password Enterprise Password Manager – MSP Edition is now available on the Pax8 Marketplace. 1Password’s dedicated MSP solution delivers secure, scalable, and easy-to-manage credential protection built for how MSPs secure access, protect client data, and manage complex client environments.
“Joining the Pax8 Marketplace puts 1Password directly into an ecosystem MSPs already trust, advancing our channel-first strategy and extending our reach to more MSPs around the world,” said David Faugno, CEO at 1Password, in a press statement.
People
ThreatDown, a business unit of Malwarebytes, appointed Kendra Krause as its general manager. A seasoned cybersecurity executive with over 20 years of experience building and scaling global channel go-to-market strategies, Krause most recently served as SVP of global channels at Sophos, where she led the company’s transition to a fully channel-first model and drove partner growth across SMB, mid-market, and enterprise segments. She has also held leadership roles at Fortinet, SonicWALL, and WatchGuard.
Compliance
Keepit, a SaaS data protection vendor, achieved its SOC 2 Type 1 attestation report. The SOC 2 Type 1 report, developed by the American Institute of Certified Public Accountants (AICPA), evaluates the design of an organization’s internal controls related to key trust service principles at a specific point in time.
“Achieving SOC 2 Type 1 attestation is a significant step forward in demonstrating our commitment to transparency, trust, and continuous improvement in how we protect customer data,” said Kim Larsen, chief information security officer at Keepit, in a press statement. “It’s a milestone that many of our customers—and prospects—have asked for, and we’re proud to deliver.”
By the Numbers
New Research: Attackers Are After People, Processes, and Reputation
New research from Coveware by Veeam uncovers a dramatic escalation in targeted social engineering attacks and a surge in ransom payments driven by sophisticated data exfiltration tactics.
Data theft has overtaken encryption as primary extortion method, according to the Q2 2025 ransomware report. The research finds that exfiltration was a factor in 74% of all cases. Multi-extortion tactics and delayed threats are on the rise too, keeping organizations in the crosshairs long after an initial breach.
The data also shows that social engineering is driving the biggest threats. Three major ransomware groups—Scattered Spider, Silent Ransom, and Shiny Hunters—dominated the quarter, each leveraging highly targeted social engineering to breach organizations across sectors. These groups abandoned mass opportunistic attacks for precision strikes, using novel impersonation tactics against help desks, employees, and third-party service providers.
While the overall rate of organizations paying ransoms held steady at 26%, those who do pay are paying more. Both the average and median ransom payments rocketed to $1.13 million (+104% from Q1 2025) and $400,000 (+100% from Q1 2025), respectively. The report attributes this spike to larger organizations paying out after data exfiltration-only incidents.
Professional services (19.7%), healthcare (13.7%), and consumer services (13.7%) bore the brunt of attacks.
“The second quarter of 2025 marks a turning point in ransomware, as targeted social engineering and data exfiltration have become the dominant playbook,” said Bill Siegel, CEO of Coveware by Veeam. “Attackers aren’t just after your backups—they’re after your people, your processes, and your data’s reputation. Organizations must prioritize employee awareness, harden identity controls, and treat data exfiltration as an urgent risk, not an afterthought.”
Coveware by Veeam’s quarterly report is based on firsthand data, expert insights, and analysis from the ransomware and cyber extortion cases that they manage each quarter.