With Passguard, Vooruit truly helps its customers move forward: inspection and repair

“Analysis and detection are often performed, but the responsibility to actually fix the problem lies with the customer. That’s not where it belongs,” says Earth. “In the MSP market, there are few companies with a dedicated security team. Often, it ends with an expensive report from an MSSP. But that still leaves the customer with the problem. We want to take it a step further: not just perform the inspection, but also be the mechanic who fixes the issue.”

Vooruit sees the role of MSPs as a unique opportunity. Thanks to their close relationships with clients and their responsibilities for uptime and service quality, they can also completely unburden customers when it comes to security.

Infostealers: a blind spot Earth discovered himself

As a pentester, Earth spent years diving into leaked databases. His conclusion: for attackers, most of that data is worthless. “Usually, the passwords were outdated, or MFA was enabled. As an attacker, that didn’t help me much,” he explains.

But over time, he saw a new phenomenon emerge: infostealers. “This malware grabs session tokens directly from infected devices. That means you can bypass MFA entirely. I realized that’s where things go wrong. For organizations, this is a blind spot, because infections on shadow IT or unmanaged devices often go completely unnoticed. We had to address that.”

The collaboration with Passguard

During the Cyber Innovation Day, Vooruit met Passguard. The connection was instant, both technically and culturally. “Many players in the market aren’t completely transparent about how they obtain their data. With Passguard, we saw the same technological results, but achieved ethically and from the Netherlands. That was decisive for us, because we consciously choose European alternatives. It fits perfectly with our vision,” Earth explains.

Integration into the SOC: from log source to action

Vooruit has integrated Passguard as a fixed log source within its own SOC. The alerts are processed via Splunk and provide customers with a much more realistic threat picture: not hypothetical risks from old databases, but active infections on devices in use today.

Concretely, Vooruit takes the following actions:

• Detect which PC or device is infected (often shadow IT).

• Perform forensic analysis and locate the malware.

• Map potential further infections in the environment.

• Clean up and restore the infected system.

• Enforce compliant device policies to prevent recurrence.

“Just this morning, we notified a customer that a Redline Stealer was running on a Windows PC. These are not hypothetical threats; this is tangible action that directly benefits the client.”

Cost-benefit: accessible and efficient

According to Earth, Passguard’s value for customers isn’t just financial.

“The costs are relatively low, especially compared to the risks. But what’s often forgotten is how little organizational effort it takes. Customers don’t need extra teams or processes. We handle both the monitoring and the follow-up. That makes it not only financially efficient but also organizationally lightweight. It’s one of the best security investments you can make.”

“This is the perfect time to start with monitoring,” Earth concludes. “The threat is growing, but the solution is simple and efficient. For organizations that take security seriously, this is a no-brainer.”