Friday, October 12, 2007

Security SaaS Is Coming?

Fun read from a VC: "Perhaps not, but contrary to what many believe, SMBs understand full well that they face the same risks and regulations as large corporations. [...] This unmet market need represents an enormous opportunity for the new generation of security companies developing on-demand solutions, or Software-as-a-Service (SaaS). Instead of deploying their own servers and infrastructure, SMBs can now subscribe to security solutions priced by the drink (so we can buy a quart of milk instead of the cow)."

The future?

2 comments:

Anonymous said...

"The future?"

Um, yes.

Security SaaS is already here in many forms: Qualys, Veracode, etc. and quite frankly any MSSP who offers off-prem centralized secure "anything" is technically providing SSaaS.

I started a business in 1995 (which I sold to a nationwide DSL provider in '99) that did just this.

Services in the cloud (or clean pipes) is really the same thing...it's security software implemented as a service.

You bet it's the "future" -- and not just for SMB's.

Check out this link for an example.

http://rationalsecurity.typepad.com/blog/2007/07/services-in-the.html

/Hoff

Anton Chuvakin said...

Well, I still think that only a small portion of security is really SaaS now. Yes, everybody knows Qualys, but there is not much else credible.

Yes, until recently I piled MSSPs with SaaS, but somebody explained a few key distinctions to me so I kinda became enlightened :-) MSSP is the present, for sure, but moving many security products to SaaS model seems like a trend to watch, not reality...

Dr Anton Chuvakin