SolCyber has emerged from stealth with $20 million in Series A funding from ForgePoint Capital, claiming to be the first modern MSSP for the mid-market. Venture funding for an MSSP is not unknown, but not common. It indicates that VC has confidence that the MSSP can grow into a sizeable firm.
This is certainly SolCyber’s intention. Scott McCrady, CEO at SolCyber, told SecurityWeek that he has global intentions, starting with the U.S., expanding into Europe, and then other areas of the globe. The money raised, said SolCyber in a statement announcing the investment, “will be used to extend its technology offerings, build market awareness, drive customer growth and support an aggressive hiring strategy.”
Central to the firm’s strategy is its use of a ready-made curated technology stack, including endpoint with EDR capabilities, lateral movement detection, advanced email security and active directory and admin exploitation prevention, wrapped in an MSSP Offering. This enables mid-market firms with inadequate security to move straight to a secure posture.
“We’re coming in with what we call a curated tech stack,” McCrady explained. “We’ve looked at the kill chain and examined how attacks are happening, and we’re bringing in five or six pieces of technology that cut across the kill chain to secure an organization in an efficient manner. We package that into an approachable way of buying it.”
So, considering a hypothetical firm with 300 employees, McCrady and SolCyber believe, “You need to get your employees trained a little bit (so, we include some phishing and security awareness training); you must have protection against advanced email threats because it is still the primary threat vector (so we include that); you need some really strong endpoint protection because that’s where the bad guy lands (and that is included); and then you need some basics around defending your Active Directory to protect privileged accounts and prevent lateral movement.
Our belief,” he continued, “is that if we can come in and provide this entire packet of technologies and wrap a good managed service around that, and price it in an easy and approachable manner, then we will make a big difference in the MSSP market.”
McCrady told SecurityWeek that SolCyber is not wedded to its own choice of security solutions. “If a firm already has a license to use a particular solution, we can absorb and manage that product,” he said.
The attraction of an MSSP provider for mid-market organizations has never been greater. Cyber threats are increasing. Ransomware is ubiquitous, and mid-range firms are attracting sophisticated gangs and even state-sponsored attackers trying to break into large enterprise supply chains. Cyber solutions are becoming more complex, more costly, and more difficult to manage; and finding and hiring qualified security professionals to run an in-house SOC is difficult. An MSSP can solve all these problems by providing both the technology and the expertise to use it.
“We know it is hard for mid-sized organizations to stay secure,” said McCrady. “There are thousands of security technologies and hundreds of providers. Trying to figure out how to build the right security stack is tough and time consuming. With attacks being ever more sophisticated we want to help simplify the challenge of securing an organization.”
What we provide, he told SecurityWeek, is a foundational security platform. “It is the basis for a good security posture. But clients can layer in additional security, and we offer a takeover service for those products.”
The basic premise for SolCyber is the immediate provision of a good security posture, which clients can expand over time as and when and if required.
Related: Goldman Sachs Leads $53 Million Investment in MSSP deepwatch
Related: The Symbiosis Between Public Cloud and MSSPs
Related: Reinventing Managed Security Services’ Detection and Response

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.
More from Kevin Townsend
- Sysdig Introduces CNAPP With Realtime CDR
- OWASP’s 2023 API Security Top 10 Refines View of API Risks
- Zoom Expands Privacy Options for European Customers
- SBOMs – Software Supply Chain Security’s Future or Fantasy?
- Threat Actor Abuses SuperMailer for Large-scale Phishing Campaign
- Quantum Decryption Brought Closer by Topological Qubits
- IBM Delivers Roadmap for Transition to Quantum-safe Cryptography
- CISO Conversations: HP and Dell CISOs Discuss the Role of the Multi-National Security Chief
Latest News
- Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data
- North Korean Hackers Blamed for $35 Million Atomic Wallet Crypto Theft
- Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions
- Barracuda Urges Customers to Replace Hacked Email Security Appliances
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
- BBC, British Airways, Novia Scotia Among First Big-Name Victims in Global Supply-Chain Hack
- Sysdig Introduces CNAPP With Realtime CDR
- Stay Focused on What’s Important
