WhiteDog founder Shahin Pirooz understands MSP pain points. As CTO of CenterBeam, an early pure play MSP that was later acquired by EarthLink, Pirooz understands firsthand the ins and outs of remote IT support and the challenges of managing a tool stack. With WhiteDog’s approach to curating a cybersecurity stack, MSPs can consume one preconfigured platform that is fully integrated and backed by 24/7 security operations.
In this conversation, Pirooz shares why WhiteDog took a curated approach to its cybersecurity platform, the benefits of their composable model for MSPs, and why WhiteDog acts as a cybersecurity “accelerant” for partners. This is an edited and condensed version of that conversation.
MSP Success: Tell me about WhiteDog.
Shahin Pirooz: I joined WhiteDog in 2016 and in 2018 we launched our first service and used that company as Partner Zero to evaluate how it works, how the integrations work, and how we take it to market through the channel. Fast forward, every quarter we’ve launched a new product, creating a cybersecurity-as-a-service platform. We [have] about 45 technologies, 35 of them are commercial and 10 are open source. We OEM these technologies, curate them, integrate them continuously, improve on the integrations between them, and then also continuously improve the tools themselves. We’ve made that stack composable so we can rip and replace technologies while removing multiple pains for our partners. We officially came out of stealth in June of 2023.
MSP Success: Do you have private equity or VC money?
Pirooz: Completely bootstrapped. We were generating profit after about the third customer and have grown the business fiscally responsibly. Every VC and private equity [is] knocking at our door, but we’re not at a place yet to have that conversation. We will at some point probably do a scale up, but for increasing sales and marketing and growing the business.
MSP Success: Did you develop the cybersecurity platform specifically for MSPs?
Pirooz: Yes. Our intention was it was 100% white labeled [and] integrated with their single sign-on and all the other things that they need. We gave them full control, full access into the platform on the backend, and we made it so that we could interact with their customers if they wanted, or do all the interactions themselves. Everything was designed with MSPs in mind. We solved all of the pain points that we felt when we were trying to grow CenterBeam.
We made it a consumption-based offering, so they pay for what they use. There are no minimums. They can start with one seat and grow. We [have] monthly contracts, gave them tools to help them grow their business, made investments in companies like GlassHive and we gave them access so they can grow their marketing and have collateral. We spent a ton of time creating marketing campaigns that they can take to market. And we built training for MSPs to talk about security.
MSP Success: How is your cybersecurity platform different from other offerings?
Pirooz: We’re an enterprise-class curated cybersecurity platform. All of the technologies that we deploy are commercial enterprise-grade tools. They’re not the MSPs’ tools coming from the ConnectWises of the world. Some of them don’t go beyond a certain number of seats, which is fine for MSPs that are dealing with smaller companies, but you don’t get all the features and bells and whistles you need to properly do security either. So today our stack has about 18 products in it, including MDR, XDR, advanced email protection, DNS security. We do micro segmentation, zero trust, network access, security awareness training, simulated phishing, attack surface management. So it’s an entire security portfolio and we’ve made it consumable in such a way that you can plug the gaps that you have as opposed to having to take the whole thing.
MSP Success: How do you price?
Pirooz: Per node, because the node is different depending on the surface. So if it’s an email service, it’s based on mailboxes. If it’s an identity service, it’s based on number of accounts. If it’s an endpoint service, it’s based on servers, workstations, laptops. Everything is node-based with the exception of the SIEM, which is a storage capacity-based solution. Every product has its own price.
We also have partner tiers. So based on how much they’re consuming, we put them in higher discount tiers.
MSP Success: Is your platform appropriate for smaller MSPs?
Pirooz: Yeah, our largest end customer is 30,000 seats; our smallest end customer is one seat. And that one-seat company is getting our complete offering. There’s no way any single company can get all that security for what they pay through us. [MSPs] can effectively protect every single layer that an organization needs at a price point that doesn’t put them under. And it doesn’t require them to buy a bunch of tools [or] hire a bunch of experts. We are able to shift that burden from them to us for whatever that consumption fee is to either fill the gaps or to do the whole thing for them.
We believe that your degree of security shouldn’t rely on how smart you are, how many people you have, the company size, that you should have equal opportunity to these security services. And an MSP who may not have all of that expertise, they might be doing IT help desk, they might be doing break fix, they don’t know security services yet. Their customers need it and are demanding it. And so we’re really helping them get into the market faster. It’s really an accelerant for our partners [and] accelerated maturity of a security posture for a customer. So there’s a value chain there that’s very attractive.
MSP Success: Why did you choose to curate solutions rather than develop them?
Pirooz: We do have a lot of development—the portal, the white labeling, the multi-tenancy, the single sign-on integrations, our APIs, and we made it composable. Partners integrate with and interact with [our APIs]. They don’t have to learn new APIs if we change the technology.
That’s the biggest burden we lift off of our partners. They don’t ever have to spend cycles evaluating, integrating, and configuring tools. They just use these technologies in our platform to operate their business. [MSPs] can do all the work themselves, or they can rely on us to do the monitoring and security for them.
MSP Success: Tell me about your partner program.
Pirooz: The [partner] portal is built into the platform itself. So partners see things that the end customers don’t, and partners also have the control to say, “I don’t want my end customer to be able to log into the portal,” or “I only want them to be able to see reports.” We’ve built our own single-sign-on stack that allows both the partner and the customer to log in with their own credentials.
One key thing is we will allow a partner to sign up in our gold tier, which gives them deeper discounts. And then we measure where they’re at against the goals for that tier the second December. So if they sign in January, they have 23 months to make the number they need to stay in that tier.
And for silver and up, we give the GlassHive platform fully subsidized. We’ve got some really great training that we put into our academy so they can come up to speed in security.
MSP Success: I usually ask what’s on your product roadmap, but I assume for you it’s more like what else might you be adding to your solution set?
Pirooz: We look at it as a product roadmap. There’s a couple things that will be coming in the first quarter. One of the things I’m most excited about is our data risk management offering, and that is effectively the ability to monitor the files that an endpoint has access to, whether they be on cloud or on the endpoint. Also scanning their cloud environments like OneDrive, SharePoint, all that. And then presenting to them based on whatever compliance they’re concerned about, PCI or HIPAA or whatever, what is the data risk associated here? Think of it like a DLP analysis, but what is the data risk? And by the way, if you were to get this data stolen, here’s how much the market price for ransomware is today for this data. And so showing them a risk assessment they can take to their customer.
The other, we’re spending a lot of cycles right now extending our XDR offering to include much more identity security monitoring. [And] we’re adding a fifth edition [of XDR] called XDR Open, taking all of the monitoring correlation, our security operations, our threat hunting, the attack surface management, the things we’re adding to the platform, and layering it on the investments that the end customers make.
MSP Success: Is there anything I didn’t ask you that our readers should know about WhiteDog?
Pirooz: One thing we hear is, “Aren’t you just a Frankenstein of tools?” My immediate reaction to that question is, “Well, aren’t you also a Frankenstein of tools, and do you want to continue to manage that Frankenstein and figure out how to keep it alive?” That’s the mindshift that I think we need to think about. Would you rather be a consumer of cybersecurity or a provisioner of cybersecurity? And that’s the change that we bring to the market.
If you missed our roundtable on choosing a tool stack, wee MSP Success Roundtable: Critical Tool Stack Decisions Every MSP Must Get Right.
