Fortra acquired Zero-Point Security this week. Zero-Point is a UK-based cybersecurity training firm known for its red team operations courses, specifically the Red Team Operations I and II programs that certify operators in adversary emulation and penetration testing. The deal expands Fortra’s offensive security training capabilities alongside existing products: Cobalt Strike, Core Impact, and Outflank Security Tooling.
This is acquisition number 21-plus for Fortra. The platform play is not a new idea for them.
The question that matters isn’t whether Zero-Point is a good fit — it is. Red team training belongs in the same ecosystem as the offensive tools practitioners use. Daniel Duggan built Zero-Point Security into the most credible independent source of CREST-certified red team training, and putting that curriculum closer to the Cobalt Strike product team makes technical sense.
The question is: does the Fortra platform play actually deliver on what a platform is supposed to do? And if you’re an MSP or MSSP evaluating this stack, what are you actually buying?
The Acquisition-as-Strategy Problem
Let’s be clear about how Fortra arrived at this point. The company was born as HelpSystems in 2014 — an IT automation software business — and spent the better part of a decade buying cybersecurity companies at pace. Cobalt Strike came over from Core Security in 2020. Outflank came with the purchase of their European team. The company rebranded to Fortra in 2022 specifically to signal that cybersecurity was now the core identity, not a side practice.
Twenty-plus acquisitions is a thesis. “We’re assembling a complete cybersecurity platform through strategic M&A.” Every acquirer says this. The channel has learned to treat it with skepticism, because the gap between “assembled portfolio” and “integrated platform” is where margin and operational complexity go to die.
The ChannelBuzz interview with Fortra’s VP of global channels Faraz Siraj is worth reading carefully. Siraj’s pitch to the channel is real: Fortra’s products touch the full kill chain, from offensive security testing through email security, data protection, and threat intelligence. For an MSSP who wants to offer comprehensive security services without building a vendor panel of twelve different point solutions, the promise is appealing.
But promise and execution are different things. The specific concern that matters for channel partners: billing. Integration. Support. When a client has an issue that touches Cobalt Strike, a data loss prevention product, and the email gateway — all Fortra SKUs, all acquired from different companies — does the support ticket stay in one place? Does the data share across products natively, or does integration require professional services engagement every time?
Fortra hasn’t fully answered those questions publicly. What they’ve shown is good roadmap documentation and honest acknowledgment that integration is ongoing work. That’s better than most. It’s not the same as done.
Why This Matters for the MSP/MSSP Evaluating the Stack
Here’s the math on platform consolidation for security partners. The pitch is: buy the platform, reduce vendor sprawl, improve margin by concentrating purchasing.
That math holds when the platform is genuinely integrated. It breaks down when “platform” means “vendor whose products share a logo.”
The cybersecurity vendor consolidation trend accelerated through 2025 and into this year, and the M&A activity behind it is real. But history on roll-up platforms is mixed. Barracuda unified its partner program around a consolidated framework and it largely worked, because they built the integration layer first and the GTM layer second. Other acquirers did the opposite — showed partners a unified catalog, then delivered an integration experience that felt like three different companies because it was three different companies.
Fortra is somewhere in the middle. The offensive security products — Cobalt Strike, Outflank, Core Impact, and now Zero-Point training — have genuine product synergy. The founder of Zero-Point already had a working relationship with the Cobalt Strike team, collaborating on operator training before the acquisition. That’s an integration signal, not just a portfolio signal.
The defensive product lines are a different question. Evaluating those requires actually pulling on the thread of whether their XDR story, email security, and DLP are talking to each other at the data layer or just co-existing in the catalog.
The Offensive Security Training Angle Is Real
Set aside the platform debate for a moment. The Zero-Point acquisition does something specific that matters to MSSPs building offensive security capability.
The CRTO certification — Certified Red Team Operator — is one of the more respected practical credentials in offensive security. It’s not a multiple-choice exam. It requires demonstrating actual red team technique in a live lab environment. That credential is now sitting inside the same company that makes the tools red teamers use.
For MSSPs who offer penetration testing or red team services, this is a potential sourcing advantage. Training pipelines that lead to tooling certification, delivered by the people who built the tooling, is a differentiated staffing story. The question is whether Fortra will offer access to that training ecosystem through the channel at a price point that makes sense for MSSP operators building out their practice — or whether it stays positioned as a direct enterprise offering.
At CP Expo in two weeks, Fortra will have channel messaging for exactly this. Watch what they say about training access for partners versus enterprises. That answer tells you how serious the MSSP play is.
The One Thing to Watch
Platform stories in cybersecurity M&A go one of two ways. Either the acquirer builds integration infrastructure that justifies the platform label, or they run a bundled catalog with a single renewal date and call it a platform.
Fortra has been on the right side of that historically in their core offensive security suite. The test is whether the next twenty-four months of product development show genuine data-layer integration across the broader portfolio, or whether they’re still completing the roadmap slide they showed partners two years ago.
For now: Zero-Point is a good acquisition. The red team training gap is real. The product fit is legitimate.
Evaluate the platform claim when you’re actually using three or more Fortra products together and the integration either works or it doesn’t. That’s the only test that matters.