Small to medium managed service providers (MSPs) supporting multiple clients with M365 environments struggle to find reliable email protection solutions that offer a seamless multi-tenant management portal, transparent billing, responsive support, and strong malware/phishing detection. Existing providers like Inky may become less desirable after acquisitions leading to contract/billing issues and reduced service quality, causing MSPs to face disruption and harder client management.
“A purpose-built MSP operating layer that sits on top of Microsoft Defender for Office 365, adding the multi-tenant dashboard, per-client billing automation, and white-label reporting that Microsoft refuses to build. MSPs managing 20–200 M365 clients get a single pane of glass without replacing their threat detection engine or retraining their team.”
Develop a SaaS email protection platform designed specifically for MSPs, featuring a unified multi-tenant dashboard to manage email security across multiple client accounts, transparent and flexible billing tailored to MSP needs, integration built specifically for M365 environments, high-quality threat detection including phishing and greymail filtering, and a support system optimized for MSP responsiveness. The MVP would focus on core email filtering and alerting features plus a multi-client management UI.
Recent acquisitions of email protection vendors by large MSP platforms have caused dissatisfaction; growing cybersecurity threats and widespread M365 adoption create demand for MSP-tailored email security and management tools.
Owner-operator or technical lead at an MSP with 20–200 M365 client seats, currently managing Defender natively through the Microsoft 365 Defender portal or Azure, frustrated by tab-switching and manual monthly billing reconciliation.
Proofpoint reaches 125,000 SMBs through 12,000 MSP partners; assuming ~15% of those MSPs are actively unhappy post-Inky/Hornetsecurity disruption, that's ~1,800 high-intent targets. At $199–$499/mo per MSP, the immediate addressable revenue pool is $4–9M ARR before expanding to the broader MSP cyber market growing at 18% annually.
Post a 3-minute Loom walkthrough of a Figma mockup of the multi-tenant dashboard in r/msp and the MSPGeek Slack, asking: 'Would you pay $X/month for this instead of your current cobbled setup?' Simultaneously DM 30 MSPs in the Inky migration thread offering a free concierge onboarding in exchange for a $99 founding-member pre-order via a Stripe payment link on a Carrd landing page.
10 pre-orders at $99 founding price (redeemable against first 3 months) within 14 days of posting. If fewer than 5, the price point or feature framing needs adjustment before any code is written.
The YC-matched companies are entirely irrelevant to this opportunity — none operate in email security, MSP tooling, or cybersecurity, which actually signals a gap in YC's portfolio rather than saturation. The real competitive landscape includes established players like Proofpoint, Mimecast, Barracuda, and the recently-acquired Inky (by Proofpoint), along with MSP-focused platforms like Datto, Huntress, and Gradient MSP. Most of these incumbents were built for enterprise or direct SMB sales, not for the MSP channel-first model with true multi-tenant billing and management. The acquisition of Inky by Proofpoint creating customer disruption is a classic market displacement event that opens a specific, time-sensitive entry window.
Enterprise-focused email security leader with advanced threat protection, DLP, and BEC prevention. Acquired Inky, expanding SMB reach via partners; offers some MSP support but primarily single-tenant for enterprises.
Cloud email security with archiving, continuity, and targeted threat protection; enterprise-heavy with some MSP partnerships.
Email security gateway with spam/malware filtering; SMB-friendly with MSP reseller program.
Native M365-integrated email protection with AI phishing/malware detection; dominant for M365 users.
MSP-first MDR and EDR platform with some email threat detection; focuses on SMB cybersecurity.
Unified endpoint/email security with MSP portal; good for SMB ecosystems.
Email threat defense with Talos intelligence; cloud-native for enterprises/MSPs.
SMB/MSP-focused email security with multi-tenant options; acquired by Proofpoint.
A purpose-built MSP-channel-first architecture — where multi-tenancy, per-seat billing passthrough, and white-labeling are core features rather than afterthoughts — represents a genuine gap that enterprise-oriented incumbents consistently fail to fill well. Focusing exclusively on M365 environments (rather than trying to support every email stack) allows for deeper API integration, faster onboarding, and more precise threat detection tuned to Microsoft's ecosystem. Transparent, predictable MSP billing with margin-friendly pricing tiers is itself a meaningful differentiator in a market where billing disputes and opaque contracts are a documented pain point.
The only email security management platform built exclusively for the MSP operating model — flat-tier billing, true multi-tenant isolation, and white-labeling as core architecture, not bolted-on features.
We are the MSP operating system for Microsoft Defender email security.
Switching costs compound as MSPs onboard more client tenants, configure custom billing rules, and brand reports — migrating 50 configured tenants to a competitor is a multi-day project; tenant data history and billing audit trails deepen lock-in over 12+ months.
MSPs in the Inky migration thread aren't asking for better threat detection — they're asking for billing predictability and a dashboard that doesn't require opening 40 browser tabs. The incumbents keep selling threat detection features because that's their R&D investment; the actual buying trigger for MSPs is operational pain, not threat efficacy.
Microsoft itself could expand Defender for Business / Defender for Office 365 capabilities to the point where third-party email security becomes redundant for M365 SMB environmentsRequires significant investment in threat intelligence infrastructure and continuous ML model updates to stay credible against sophisticated phishing — high ongoing R&D costMSP channel sales cycles are relationship-driven and slow; customer acquisition costs could be high without existing distributor or peer community relationshipsCompeting on threat detection quality against well-resourced incumbents (Proofpoint, Mimecast) is difficult without a large telemetry dataset early onMarket consolidation risk — a larger security vendor (e.g., Huntress, Kaseya) could acquire or bundle a competing solution into existing MSP platform deals
The shift to cyber compliance regulations could burden MSPs with additional overhead, making your service less appealing as they allocate resources to compliance rather than protection products. Furthermore, as Microsoft expands its feature offerings, MSPs may experience vendor lock-in, increasing churn risk if they perceive your solution as non-essential. Lastly, the initial user experience and perceived value from MSPs could dictate the adoption rate, and any friction could lead to significant user churn.
A similar concept was attempted by 'CloudLock,' which aimed to create multi-tenant security solutions tailored for MSPs but failed due to lack of robust integrations with major platforms like Microsoft and struggled with customer adoption and retention. Additionally, 'SonicWall' attempted to build a dedicated email security platform but found itself up against entrenched competitors and eventually withdrew from the space, citing a saturated market.
While the differentiation claims suggest a gap in the market, many MSPs may not see the need for an additional management layer if it's not considerably more efficient or less expensive than existing solutions they are already using. Moreover, your 'why now' argument assumes that acquisitions will consistently create disruption, yet many MSPs may simply adapt their practices rather than shift to a new platform. The risk of inertia among MSPs looking to stick with familiar tools must be addressed as customer churn is a notable possibility.
Viable opportunity with strong MSP wedge amid acquisition disruptions (Inky/Proofpoint) and SME growth surge. Landscape dominated by enterprise players (Proofpoint, Mimecast, Microsoft) lacking true MSP multi-tenant; Barracuda/Huntress adjacent but email-weak. Proofpoint most dangerous via partner scale, but pain points in billing/support create gaps. Best breakthrough: M365 API-first for SMB MSPs, leveraging 13.98% SME CAGR and 18% MSP cyber boom.
Step 1: Reply directly to every commenter in the Inky alternatives Reddit thread offering a free 30-day white-glove migration. Step 2: Post in MSPGeek #tools channel with a specific claim: 'Built a unified Defender dashboard with auto billing markup — looking for 5 MSPs to pilot free for 60 days in exchange for a case study.' Step 3: Search LinkedIn for 'MSP owner' + 'Microsoft 365' in metro areas, send 50 cold DMs referencing the Inky acquisition pain specifically.
$149/mo for MSPs managing up to 25 client tenants; $299/mo for 26–75 tenants; $499/mo for 76–200 tenants. Annual pre-pay at 2 months free. No per-seat fees to MSPs — flat predictable tiers.
MSPs bill their own clients $5–15/user/mo for email security; a 50-seat client at $8/user = $400/mo revenue to the MSP. At $299/mo for the platform managing 50 tenants, the payback is a single mid-size client billing cycle. Flat tiers eliminate the billing complexity MSPs hate about per-seat vendor models.
MSP connects their first 3 client tenants, sees a unified alert feed, and generates a branded PDF report in under 20 minutes — the moment they realize this replaces 3 hours of monthly manual work
If horizontal MSP messaging converts poorly, niche into MSPs serving healthcare (HIPAA) or finance (SOX) clients — same dashboard, add compliance report templates and audit log exports as premium tier
If direct MSP self-serve is too slow, approach ConnectWise or Autotask ISV marketplace to embed billing and dashboard as a native module — same core tech, distributed through incumbent PSA relationships
If self-serve onboarding stalls due to Graph API complexity, offer a $500 white-glove 'Defender MSP Setup' service to onboard the first 10 tenants — use service revenue to fund product polish, then productize the onboarding flow
Next.js + Supabase (multi-tenant RLS) + Microsoft Graph API + Stripe Billing + React PDF for report generation; deployed on Vercel
6–8 weeks solo dev: weeks 1–2 Graph API auth + tenant onboarding, weeks 3–4 dashboard + alerting, weeks 5–6 billing engine, weeks 7–8 report generator + white-label config
Strong problem-market fit with real-time acquisition displacement event (Inky→Proofpoint) driving active MSP migration demand, documented in a 72-comment Reddit thread, and clear willingness-to-pay signals. Score is tempered by Microsoft Lighthouse expansion risk and the reality that MSP sales cycles are relationship-driven and slower than typical SaaS — first 10 customers will require significant manual outreach, not self-serve conversion.