AS CYBER INSURERS grow increasingly choosy about who they cover, more and more are insisting on regular penetration testing to hunt down vulnerabilities before attackers can exploit them. No problem if you’re a large business that can afford to fork over tens of thousands of dollars for that service. Big problem if you’re an SMB.
Red Sentry wants to close that gap by bringing the power of pen testing to the IT masses. Like other vulnerability scanning systems, the company’s cloud-based, heavily automated platform searches end-user environments for misconfigurations, unpatched applications, and other issues that attackers could use to get inside a network. Unlike those other offerings, however, Red Sentry’s solution follows up on the issues it detects, like a pen tester, to see if they’re potential dangers or real ones. 
“We’re actually validating that they are in fact vulnerable to the vulnerabilities found, rather than just giving a bunch of false positives,” says Red Sentry Account Executive Jenny Goldschmidt.
By default, the system automatically tests target networks for new issues every 24 hours, rather than weekly or monthly like many vulnerability scanners or annually like many penetration testing service providers. Dark web monitoring is included in the service, along with actionable remediation advice.
Fees for the service, which are charged on a per-client site basis, start at $500 a month for 10 clients and scale up from there. “The more customers they have, the lower the price per customer,” Goldschmidt notes.
Need to perform an old-fashioned manual pen test for a client but don’t have the time or skills? Red Sentry can do that too for as little as $2,500. That’s a small price to pay even for most small businesses, and smaller still than the cost of recovering from a breach.
