Bandura Launches Channel Program with Avant, Takes on log4j

,Bandura Cyber is expanding its channel presence as the log4j vulnerability heightens the need for cybersecurity solutions.

The threat blocking solutions provider signed its first solutions brokerage last month with Avant. George Just, Bandura’s chief revenue officer, said the partnership has resulted in several deals. Just made channel expansion a major priority when he joined the company in October from Oracle. And he said the vendor has found quick traction. Just partnered with Avant during his tenures at Talari Networks and Oracle, and he said the existing relationship helped lay the groundwork for a quick onboarding process.

Bandura Cyber’s George Just

“We signed with Avant in record time. They don’t do deals that quick very often,” Just told Channel Futures. “We were able to leverage the work we had done for a couple years with Avant to get in and get stuff moving right away.”

Bandura also added Chris Vander Pluym – Just’s fellow Oracle alumnus – as its director of channel sales.

Background

Virginia-based Bandura launched in 2014. It delivers a SaaS-based threat intelligence offering offering that customers can deploy either in front of or behind their next-gen firewall. Bandura ThreatBlockr proactively blocks network connections deemed a threat and reports the activity to the customer’s SIEM.

“There’s a lot of threat intelligence out there and a lot of ways to try to manage it and try to implement it into your security. We actually just take care of that action on things right away and then figure out where it is and what it is later, as opposed to [focusing on speed]. We have already responded to it and blocked it. And now if you want to dig further, that’s great. But whoever that bad actor is, they’re not in your network.”

Such is the case with the log4j vulnerability, according to Just. Experts observed that thousands of applications, libraries and frameworks use the exploitable log4j Java logging library. Just said Bandura as of Wednesday had identified more than 7,500 IPs associated with Log4j scanning activity and blocked them.

“Even if a customer had a log4j vulnerability, the IP address of where the attack was coming from was identified as a threat actor, and therefore we blocked it,” Just said. Bandura published a blog post about what the vulnerability means for its customers.

Just noted that offering works in tandem with the firewall. Bandura uses the metaphor of a house with an expensive lock on its front door but an open window. Bandura is tackling that open window.

“It is as foundational as a firewall would have been considered for the past two decades. We do something that firewalls don’t and can’t do. It’s not that there’s something wrong with the firewall. It’s just that they have a blind spot that we cover,” Just said.

Partner Impact

Because Bandura’s portfolio “plays nice” with other security stacks, Just said partners feel comfortable approaching customers to whom they have already sold a firewall. No replacement needs to occur.

“I can bring this in and not invalidate anything I already talked about,” Just said. “I don’t have to throw something out, and I don’t have to convince the customer I made a mistake.”

Just said Bandura has thus far found traction with financial, legal and healthcare customers. He added that midmarket customers that can’t afford top-tier cybersecurity talent will also find it useful.

And for partners, he said the offering fits in to their aspirations to deliver subscription-based security services.

“We’re finding that a lot of the partners are trying to build out a security practice and trying to figure out how they can really attack what their customers need, which is more security,” he said.