Launched as a local and regional startup, Secure Domains offers cybersecurity solutions around the protection of DNS through its flagship product DNS Armor. In order to get scale and market penetration across GCC, it considers onboarding of MSPs and development of a two-tier distribution structure to be essential. Wissam Saadeddine and Mohammed Al Tenbakji, Co-founders of Secure Domains, explain further.
Secure Domains has begun its operation initially targeting UAE and Saudi Arabia from the GCC countries and then scaling across the GCC and into the MENA region. As a cyber security vendor it has selected a cloud native platform to offer DNS security services through its flagship SaaS product, DNS Armor.
DNS Armor is positioning itself as the first line of defence for businesses. It combines advanced threat intelligence with AI-driven DNS security, blocking malicious domains, detecting DNS tunnelling, and preventing data exfiltration. DNS Armor leverages Artificial Intelligence and Machine Learning to stay ahead of evolving threats.
Digital transformation has changed the architecture of cybersecurity and network security and new concepts and blueprints such as SASE, have been established to address these emerging needs. Cybersecurity needs to scale and evolve at the Edge, and this is where the network is expanding. One of the easiest, fastest and most scalable approaches is to extend organisational security policies and protection to the Edge using DNS.
Cybersecurity platforms and cybersecurity regulations highlight DNS as a necessity for next generation networking. Research has shown that more than 80% of malware, ransomware, botnets, use DNS aggressively in cyber kill chains to do various kinds of malicious activity like command and control, tunnelling and exfiltration.
“With all of that, securing DNS is no longer optional now,” says Mohammed Al Tenbakji, Co-founder of Secure Domains.
In the face of digital transformation, enterprises are looking for a cloud scalable, user-friendly solution. Compliance, data sovereignty, data residency regulations are also ongoing considerations. DNS Armor, the flagship product of Secure Domains, has been launched to address compliance and the need for DNS security. DNS Armor is a cloud based DNS firewall and will expand into more products in the future.
DNS or the Domain Name System is an Internet service that translates domain names into IP addresses. Dynamic Host Configuration Protocol or DHCP is a protocol for automatically assigning IP addresses and other configurations to devices when they connect to a network.
Product architecture
Secure Domains is a local and GCC based company and understands the regional challenges and pain points. DNS Armor was specifically architected and born to address those specific needs and emerging challenges. The product is modular in nature and works on the basis of geo-locations, localising data and logs to 25 assigned global geo-locations.
“We ensure that customer data and logs do not exit the assigned location. This is important for data sovereignty and data compliance to meet country level data regulations. This makes our solution cloud friendly for enterprises and for end users in the region,” says Al Tenbakji.
DNS Armor has also been built with native multi-tenancy support and is offered out of the DNS as a security layer. “These are the main points that would differentiate us from other players,” explains Al Tenbakji.
Secure Domains has chosen to make the product available across 25 geo-locations to ensure performance and latency. As enterprises users travel across the region and globally it may be essential to restrict their data usage and logs to an assigned country location, irrespective of where they are physically. Other users may prefer to operate out of the nearest geo-location.
“We have multiple locations, so the user will always have the same and always retain the same level of protection and performance. This is why we are working to ensure our data centre presence is available across 25 locations,” says Wissam Saadeddine, Co-Founder of Secure Domains.
For newly launched Secure Domains, any enterprise business is a target customer. DNS is part of every digital footprint, and any transaction on the Internet requires DNS.
“We are empowering DNS, using DNS and leveraging DNS to act as a security tool to secure customers from advanced threats and attacks. Any customer could benefit from using DNS Armor, regardless of their size and regardless of what sector they are in. They require a level of security and protection for their users, data and assets,” says Saadeddine.
Data residency
According to Saadeddine, Secure Domains has the regional experience to understand the customers’ needs in this region for them to be successful. In addition the product platform has been born within the region, which means the platform’s data logging and control plane are in-country. Whichever country Secure Domains operates in, they will replicate the cloud platform in that country.
“We will be able to replicate the entire cloud within that country, which is really unique to our cloud versus any other cloud that we have today,” says Saadeddine.
He points out that for other cloud platforms, delivering SaaS, IaaS or PaaS, “You will find that the control plane or the logging plane are central somewhere else, which defeats the purpose of data sovereignty.”
Many cloud providers state that they are within the country, but in reality, only the data plane, which is the processing plane, is within the country. A lot of the cloud elements in the architecture are somewhere else, which is a challenge that regional governments have with these cloud providers and SaaS providers.
To ensure compliance with data sovereignty, each in-country installation will have its own logging plane, and its own dedicated service plane. A distributed logging and service plane, makes the Secure Domain product modular and gives them a competitive advantage, especially from the perspective of compliance and adherence.
Rise of MSPs
In the region, enterprises IT users want to consume everything as a service. Channel partners are adapting to their customers’ behaviour. This is driving the transformation of partners and the emergence of Managed Service Providers.
“We have seen how partners and the channel have started to evolve over the past few years based on customer needs. If you ask me, any channel partner we are talking to today, they are interested in becoming a Managed Service Provider, or they are already a Managed Service Provider,” says Saadeddine.
“Customers want to Netflix everything. They want to consume, security, infrastructure, storage, everything as a service. And accordingly, the partners have started to evolve with them to become MSPs,” adds Saadeddine.
Secure Domains has made the architecture of its product to be Managed Service Provider friendly and Managed Service Provider ready. Managed Service Provider partners can leverage its multi tenancy architecture as their platform from day one. Using the Secure Domains multi tenancy architecture they can onboard as many of their customers as they want.
Or they can use their single-tenancy architecture, white label the services and accordingly onboard their customers as well. Secure Domain is using a utility model, pay as you go consumption model, that makes it usage-friendly for channel partners to adopt, sell and scale with.
Two-tier distribution
Secure Domains plans to scale its operations in two phases. In the first phase it is focussing on UAE and Saudi Arabia and adjacent GCC countries. In the second phase it will scale to rest of Middle East and North Africa using its onboarded MSP, tier-one and tier-two channel partners. “Moving to the MENA region will require MSPs and the channel to help us scale in that region,” says Saadeddine.
Secure Domains plans to develop a two-tier distribution model including distributors, channel partners, and MSPs. Saadeddine points out that its Managed Service Provider programme will be different from the standard channel programme. MSPs will follow a pay as you go model, while the two-tier distribution model will follow a resale model.
“For us to be able to grow in the short term and for us to scale in the long term, we believe that we cannot scale without partners and the channel,” he says.
Despite overcrowding of cybersecurity vendor partners with cybersecurity specialised value added distributors, Saadeddine believes their cyber security start-up has value to offer to both tiers of distribution. “What makes any channel partner programme successful is relevancy to the market, to partners, and a unique value proposition.”
Secure Domains believes a two tier distribution model is the correct go to market for its ambitions because of geo complexity. Regional distributors and in-country distributors are essential for Secure Domains since it has ambitions to offer DNS Armor with a control plane and service plane in all countries.
As a vendor and as a startup it is essential to exist in all country markets and this is not possible without having the support of a tier-one distributor, to be able to scale. “That is why in our region, the two tier distribution layer still exists and is still needed due to the geographical complexity,” summarises Saadeddine.