IT and Business Insights for SMB Solution Providers

Red Sentry Aims to Bring Pen Testing to the Masses

The young company’s heavily automated solution combines continuous vulnerability management with continuous penetration testing in a bid to help channel pros meet a growing need among SMBs at an affordable price. By Rich Freeman

The simplified user interface on Red Sentry’s management console may be just two months old at this point, but there’s nothing new about the goal behind that redesign. The still young company has been trying to make the normally complex art of pen testing more accessible for channel pros since its founding early in 2020.

The modernized UI, in fact, reached users just months after the launch of a reporting wizard similarly meant to make preparing and customizing customer-ready information about vulnerabilities and remedies easier. 

“We want to be able for them to use this data and be able to populate reports very quickly and simply,” said Jenny Goldschmidt, an account executive at Red Sentry, during a conversation with ChannelPro at yesterday’s SMB Forum event in Charlottesville, N.C. The vendor was given the award for Best Expo Hall Presentation for a silver-level sponsor and selected as winner of the ROI Lightning Round during that show.

The content of those reports is collected by Red Sentry’s cloud-based, heavily automated vulnerability management platform, which like other vulnerability scanning systems searches end user environments for misconfigurations, unpatched applications, and other problems that attackers could use to get inside a network. Unlike those other solutions, however, Red Sentry’s follows up on the issues it detects, like a pen tester, to see if they’re potential dangers or real ones.

“We’re actually validating that they are in fact vulnerable to the vulnerabilities found, rather than just giving a bunch of false positives,” Goldschmidt says.

By default, the system automatically tests target networks for new issues every 24 hours, moreover, rather than weekly or monthly like many vulnerability scanners or annually like many penetration testing service providers. Dark web monitoring is included in the service.

“It’s basically just continuous pen testing, continuous vulnerability management on a daily basis,” Goldschmidt says.

The solution provides actionable remediation advice as well. “It’ll give you exactly what the vulnerability is,” Goldschmidt says, “and then it’ll give you a full recommendation for patching that.”

An open API lets users export reports to a PSA solution. Built-in integrations deliver real-time notifications as well in Microsoft Teams, Slack, Jira, Trello, and other systems.

Fees for the solution, which are charged on a per client site basis, are designed to fit channel pro budgets. Packages starts at $500 a month for 10 clients and scale up from there. “The more customers they have, the lower the price per customer,” Goldschmidt notes.

Red Sentry also offers traditional, hands-on pen testing, a service few channel pros are equipped to provide. “It’s an underserved market right now,” Goldschmidt says. “They just don’t have the manpower to do it themselves.”

Or the skills in most cases, she adds. Yet demand for penetration testing is on the rise among businesses of all sizes, in part because cyber insurers are increasingly demanding that businesses go through the process. “A lot of these clients are going to their MSP asking if they offer pen testing, and that’s usually when we get calls,” Goldschmidt says.

ChannelPro SMB Magazine

Get an edge on the competition

With each issue packed full of powerful news, reviews, analysis, and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.