Rather than staffing up to compile its own list of vulnerabilities, PredatorWatch leverages Common Vulnerabilities and Exposures (CVE), a standardized dictionary of known threats. Maintained by Mitre Corp. under a government contract, the CVE dictionary is sold as a subscription, allowing the PredatorWatch Auditor device to automatically update itself daily. The raw CVE dictionary is in the public domain .

Already in use at several financial institutions, a major university, and even a missile defense contractor, PredatorWatch contains an internal 40-Gbyte hard drive to store the CVE dictionary and user-created monitoring criteria and schedules. The system runs on Linux, completely transparent to the operator. More than 100,000 IP addresses are under management at nearly two dozen locations.

"We are offering the highest possible margins to our channel partners, up to 30 percent, by offering a sliding scale of 50 percent of all CVE updates subscription revenues in year one, 25 percent in year two, and 10 percent thereafter for all customers that maintain a relationship with PredatorWatch, through a channel partner," said Miliefsky. The idea, he said, is for the solution provider to realize an annuity revenue stream long after the sale and installation of the product is completed. "No one else is doing this," said Miliefsky.

In addition, PredatorWatch, based in North Chelmsford, Mass., offers co-marketing, training, and executive-level support. As an additional incentive, for every five PedatorWatch Auditor devices a solution provider sells through March 2004, the company will furnish one free unit that can be used as a sales tool or as salable inventory.

"Most solutions I've seen start at $50,000, but this one starts at $5,000," said Charles Georg, Director of Marketing at solution provider ISO Security Solutions Inc., Bloomfield Hills, Mich. "These products leverage the brainpower of a Chief Security Officer (CSO) in a box and allow us to sell into a smaller organizations that can't afford to have trained security specialists on staff."

Acknowledging the reticence that providers and customers have in doing business with a young, unknown company, Miliefsky said PredatorWatch has going to great lengths to allay those fears.

Next page: Reducing Risk to Channel Partners

"We have taken precautions to ensure reduced risk to our channel partners. This includes source code escrow availability and two publicly traded ISP hosts for our CVE subscription update service." That service is automated, SSL secure, and has already been paid for, in advance, for the next three years. The company is also moving ahead with an "A" round of venture capital financing, in the vicinity of $5 million, according to Miliefsky.

With its PredatorWatch Auditor line, PredatorWatch is taking on several big names in the security space, Cisco, Internet Security Systems, and Symantec among them. So why go with a start-up? "Our sales cycle is much shorter, installation is quick and requires no fireweall reconfiguration, and we are based on CVE standards," said Miliefsky. "Those other products are based on proprietary technology, not standardized CVE, which is available to anyone."

Three versions are PredatorWatch Auditor are currently available. A handheld version, priced at $4,995, supports up to 32 IP addresses; a small-office/home-office unit carries the same price and capacity. For larger installations, rack-mount models are available with pricing varying depending on the number of IP addresses. Each includes the first year of CVE subscription updates at no charge.

Discuss PredatorWatch Prowls for Network Integrators   >>> Be the FIRST to comment on this article!

>>> More Channel News and Analysis Articles          >>> More By Joel Shore