AWS Unveils Level 1 Managed Security Services Competency

Sophos, Alert Logic and IBM Security tell Channel Futures what that means for channel partners.

Kelly Teal, Contributing Editor

August 24, 2021

5 Min Read
Level 1 on video game

As cybersecurity threats increase, more organizations and managed service providers alike understand the need to protect networks and assets. But accomplishing this is, of course, easier said than done. That’s why Amazon Web Services on Tuesday launched Level 1 Managed Security Services for managed security service providers.

The competency adds heft to certain AWS partners who validate their capabilities with the world’s largest public cloud provider. To that point, Level 1 Managed Security Services encompasses 10 areas of expertise:

  • AWS infrastructure vulnerability

  • AWS resource inventory visibility

  • AWS security best practices monitoring

  • AWS compliance monitoring

  • Monitor, triage security events

  • Around-the-clock incident alerting

  • Distributed Denial of Service (DDoS) mitigation

  • Managed Intrusion Prevention System

  • Managed Detection and Response (MDR) for AWS-based endpoints

  • Managed Web Application Firewall


AWS’ Doug Yeum

Overall, the competency “makes it easier for customers to find validated MSSP partners qualified to deliver Level 1 Managed Security Services,” said Doug Yeum, head of AWS Partner Organization, and Mona Chadha, director of AWS Marketplace Category Management at AWS, in a joint statement to Channel Futures. “At the same time, this competency allows AWS partners to differentiate themselves as having had their technical and operational capabilities successfully validated against the Level 1 Managed Security Services baseline.”

And given the rise in the number, frequency and volume of cybersecurity attacks, especially since the start of the pandemic, now proved the right time to unveil the program, Yeum and Chadha said.


AWS’ Mona Chadha

“Security has always been important, but as we’ve seen over the course of the last year and more, it continues to become increasingly imperative,” they explained. “A crowded security product space, an increase in cyberattacks, and a rapid pace of cloud migration and digital transformation has many customers seeking a validated and recommended solution from their cloud provider. In general, customers want to spend less time researching and validating security products and more time on their core business.”

Hear from Sophos, Alert Logic, IBM Security

To that end, more than two dozen AWS partners – either pure cybersecurity vendors or firms with an MSSP arm – helped pilot Level 1 Managed Security Services. Sophos was one of them. As a result of the new competency, the company now offers its threat protection, monitoring and response package for SMBs, midmarket organizations and enterprises through its channel partners. That offering combines a range of functions, including cloud security posture management and compliance, firewall, cloud workload and endpoint protection.


Sophos’ Scott Barlow

“Sophos has listed all Sophos Central security services in AWS Marketplace to ease the procurement process for customers and partners alike, enabling our channel of 60,000 partners to wrap consulting services around this offering to help with the deployment and proper implementation/configuration of security services in AWS,” Scott Barlow, vice president, global MSP and cloud alliances at Sophos, told Channel Futures.

Alert Logic is doing much the same. Like Sophos, the company has earned the Level 1 Managed Security Services competency, but for its managed detection and response platform.


Alert Logic’s Dan Webb

“We’ve long held the belief that while some organizations possess the resources and expertise to manage security operations in-house and handle their share of security responsibilities in the cloud on their own, most do not,” Dan Webb, vice president of partner sales and alliances at Alert Logic, told Channel Futures. “The majority require support and having a competency that recognizes excellence in the provision of managed security services on AWS can only be a good thing.”

Alert Logic aims to help MSPs, who generally do not have a security strategy. Many MSPs are trying to decide whether – and how – to transition to an MSSP model. The question is not an easy one to answer. Becoming an MSSP requires …

… millions of dollars in investment, to fund people, technologies, physical infrastructure, insurance and more. Not every MSP can afford to do that, and not every MSP wants to go that route. Partnering with a cybersecurity vendor that delivers MSSP expertise can be the right move.

“We’re excited to have the opportunity to help AWS MSPs become AWS MSSPs and for the good work they will do for their customers,” Webb said.

Combating the Cybersecurity Skills Shortage

IBM Security told Channel Futures the AWS Level 1 Managed Security Services program comes at a critical time.


IBM’s Michael Sanders

“The cybersecurity skills shortage is impacting everyone,” said Michael Sanders, director of cloud security strategy at IBM Security. “When you compound this with the growing complexity of security systems, managed security services are only growing in importance with clients. Certifications like the AWS Level 1 MSSP Competency Program help CISOs justify the need for help from third parties, accelerating access to the skills and expertise.”

AWS has placed its Level 1 Managed Security Services partners in the AWS Marketplace, alongside the professional services added last December. IBM, for its part, already has found that fruitful.

“For the short time IBM Security Services have been in the AWS Marketplace, we’ve seen results around our basic offerings such as assessments and consulting retainers,” Sanders said. “Since IBM’s core Level 1 MSSP offerings are newer in the AWS Marketplace we anticipate clients will discover these capabilities shortly and we can deliver the integrated security clients are looking for.”

AWS partners who earn the Level 1 Managed Security Services competency (it’s corporate-wide, not individual) land more marketing development funds, gain eligibility to participate in the annual AWS re:Inforce security conference, and get access to technical training workshops, virtual conferences, among other benefits.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Kelly Teal or connect with her on LinkedIn.


Read more about:


About the Author(s)

Kelly Teal

Contributing Editor, Channel Futures

Kelly Teal has more than 20 years’ experience as a journalist, editor and analyst, with longtime expertise in the indirect channel. She worked on the Channel Partners magazine staff for 11 years. Kelly now is principal of Kreativ Energy LLC.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like