MSPs should offer vulnerability scanning as a service, Rapidfire Tools

Managed vulnerability scanning is growing at 50% year-on-year as threats rise

In a presentation at the Computing DeskFlix Cloud Automation event last week, Mark Winter, VP Product at RapidFire Tools, made the case for managed services providers adding vulnerability scanning to their security portfolio, suggesting they could do so without having to employ extra staff.

First, a record number of vulnerabilities is being added to the CVE List, with around 250 new entries every week, 50 of those being classified as 'high severity'.

Organisations find it difficult to keep up with these newly reported vulnerabilities, even though they know that patching them quickly is imperative. This is particularly true of smaller companies.

Moreover, vulnerabilities are quickly exploited and vendors are sometimes slow to patch them even after they've been made public, meaning that mitigation is required.

MSPs are already offering firewall, anti-malware and monitoring services, so vulnerability scanning of customers systems is an obvious value-add, Winter said.

"What can you offer your customers that's more complete than what you're offering today, gives your customers more peace of mind and something that they can actually understand and afford?"

The market for managed vulnerability scanning is growing 50% year-on-year, Winter said, quoting the analyst IDC.

While existing offerings are available for larger organisations they are not always suitable for or affordable by SMBs, which is a market RapidFire Tools is focusing on with its vulnerability scanning tool VulScan. Winter said this tool is easily configured by MSPs and offered under flexible licencing terms at much lower prices than the major players.

"Our tools are designed to be easy to use and easy to deploy, so that you can have this to your security staff without having to bring on expensive security engineers or add staff to support this," Winter said.