⚡ Built specifically for MSPs

The Security Platform
MSPs Actually Need

External attack surface management. Ten compliance frameworks. SBCMSP Agent for Windows. White-label client portals. M365 assessment. All from one platform, starting at $79/month.

Start Free Trial → See Pricing
673
External Check Types
10
Compliance Frameworks
200
Internal Agent Checks
60
M365 Security Checks
Platform Capabilities

Four Pillars of MSP Security Coverage

Most security tools cover one layer. SBCMSP covers four — external, internal, cloud, and compliance — from a single dashboard.

🌐
External Attack Surface Management
673 automated checks run daily against each client domain. SSL/TLS configuration, security headers, DNS email security (SPF/DMARC/DKIM/MTA-STS), subdomain discovery, open ports, WordPress/CMS vulnerabilities, API security, injection tests, PII exposure, and more. Findings mapped to all 10 compliance frameworks.
SSL/TLSDNS SecurityHeadersCMS ChecksPort Scanning
📋
Compliance Framework Reporting
Generate audit-ready PDF reports for 10 compliance frameworks in one click — CIS Controls v8, SOC 2 Type II, NIST CSF 1.1, NIST CSF 2.0, ISO 27001:2022, HIPAA Security Rule, PCI DSS v4.0, CMMC 2.0 Level 2, Cyber Essentials, and FTC Safeguards Rule. Each report includes control status, failing findings with remediation steps, and a compliance score using a weighted control pass rate model.
CISSOC 2NIST CSF 1.1NIST CSF 2.0ISO 27001+ 5 more
🖥️
SBCMSP Agent
Deploy the lightweight SBCMSP Agent to client Windows machines. 200 checks across 14 modules covering: BitLocker encryption, Windows patching, Active Directory hardening (KRBTGT age, stale accounts, unconstrained delegation), SMB signing, backup status (Veeam, VSS), TLS Schannel configuration, LAPS deployment, and much more. Results appear alongside external scans in the dashboard.
BitLockerAD HardeningBackup StatusPatching
☁️
M365 / Entra ID Assessment
Connect via Microsoft Graph API to assess tenant-wide cloud security posture. MFA registration status across all users, legacy authentication blocking, Conditional Access policy coverage, Global Admin count, guest user review, audit log status, Microsoft Secure Score, and Privileged Identity Management. One connection covers the entire M365 tenant.
MFA StatusCA PoliciesSecure ScoreAdmin Roles
How It Works

Onboard a New Client in 10 Minutes

From domain addition to first compliance report — without leaving the dashboard.

01
Add Client Domain
Enter the client's domain name. SBCMSP immediately starts the external scan — 673 checks across 20+ categories. No configuration required.
02
Deploy Internal Agent
Download a pre-configured connector exe from the dashboard. Run as Administrator on any Windows machine. Installs agent, creates scheduled task, runs first scan automatically.
03
Connect M365 Tenant
Register an Azure AD app with Graph API permissions. Paste the tenant ID, client ID, and secret into SBCMSP. One connection covers all users in the tenant.
04
Generate Compliance Report
Select one or more frameworks (CMMC, HIPAA, PCI, SOC 2...) and click Generate. Reports include your MSP logo and are ready to share with the client in seconds.
05
Invite Client to Portal
Send the client a link to their white-labeled portal. They see their score, findings, and remediation progress — all under your company branding.
06
Monitor Continuously
Daily scans run automatically. You receive alerts when a control regresses. Compliance reports update on schedule. No manual re-assessment needed.
Compliance Frameworks

10 Frameworks, Zero Extra Cost

Every SBCMSP plan includes all 10 compliance frameworks. No add-on pricing per framework.

📐
CIS Controls v8
18 critical security controls. Prioritized implementation.
🔐
SOC 2 Type II
AICPA Trust Services Criteria. SaaS and service orgs.
🇺🇸
NIST CSF 1.1
Identify, Protect, Detect, Respond, Recover — legacy contracts still require 1.1.
🇺🇸
NIST CSF 2.0
Adds Govern function — Identify, Protect, Detect, Respond, Recover.
🌐
ISO/IEC 27001:2022
Annex A controls. International standard.
🏥
HIPAA Security Rule
164.312 technical safeguards. Healthcare clients.
💳
PCI DSS v4.0
30+ controls. Cardholder data environment.
🛡️
CMMC 2.0 Level 2
110 controls from NIST 800-171. DoD contractor baseline.
🇬🇧
Cyber Essentials (UK)
NCSC baseline security standard for UK government suppliers.
⚖️
FTC Safeguards Rule
Financial services data protection. Auto dealers, accountants.
Pricing

Simple Per-Domain Pricing

All plans include all 10 compliance frameworks, external scanning, internal agent, and M365 assessment. No hidden add-ons.

Starter
$79
/month · $63/mo billed annually
3 domains
Core scanning · 3 frameworks · 30-day retention · 1 team seat
Pro ⭐
$249
/month · $199/mo billed annually
20 domains
All 10 frameworks · 180-day retention · Team seats · API access
Business
$599
/month · $479/mo billed annually
75 domains
White-label · Webhooks · API · Priority support
Enterprise
$1,499
/month · $1,199/mo billed annually
150 domains
Custom retention · SSO · SLA · Dedicated support

Your MSP Deserves
a Better Security Platform

Add your first client domain in 2 minutes. 14-day free trial, no credit card required.

Start Free Trial →