Security and compliance vendor Tripwire is changing its sales paradigm with by shifting its licensing to flat-rate model that it hopes will prove to be friendlier to service providers and could stand as an example of how security vendors cater to the managed services market in the near future.

The shift is part of the company’s launch of a cloud security partner program designed for managed service and cloud providers. The idea is to offer up security services for cloud environments that MSPs or cloud providers can leverage to offer their customers better visibility into their virtualized environments. Partners using the Tripwire platform can either whitelabel the solution or leverage the "Secured by Tripwire" tagline to sell the platform’s security features to customers.

The company has used longtime customer Terremark as a guinea pig and collaborator in developing the offering targeted at service providers. Based in Miami, Terremark is one of the largest cloud providers on the market today and was recently purchased by Verizon for $1.4 billion.

"We have some of the largest cloud customers out there, from the federal government to large commercial customers," says Pete Nicoletti, vice president of security engineering for Terremark, who says his organization has utilized Tripwire to answer a lot of the security and compliance questions that customers were asking about Terremark’s cloud environments. "We were able to prove that with reports and ongoing compliance."

Prior to the roll out of the Secured by Tripwire cloud program, however, Terremark had to deal with a pricing model from the security company that metered monitoring similar to how a gas company meters use. The more data running through the Tripwire platform the more Terremark was charged and consequently the more it had to charge its customers. The great difficulty with the model was the budgetary uncertainty that it raised as customers were building up and tearing down infrastructure within the cloud environment.

"We deal with companies like Groupon who massively scale something up and tear it down and the old licensing model was prohibitive," Nicoletti says. "We’d say ‘Hey, look, we think we know what the price is going to be for this, and plan on writing us a big check if your thing is successful.’ We’d have to throw a dart and our customers didn’t like it and we didn’t like it, because my crystal ball is pretty good but it’s not perfect.’"

The new Tripwire model has cloud providers paying on a per node basis, one which the company’s executives believe will be accessible not just to large players such as Terremark but also to the little guys.

"We tried to lower the barrier of entry as much as possible," says Dan Schoenbaum, vice president of business development for Tripwire. "You can start with file integrity monitoring as low as $11 per month, and $9 per month for logging, where before we sold perpetual licensing and you couldn’t touch our product for less than $900."