Article | February 1, 2022

Creating A Portfolio Of Profitable Vulnerability Management Services

iStock-1208998537-meeting-talking-business

Delivering Vulnerability Management-as-a-Service (V-MaaS) is a straight-forward exercise. Set up your internal and external vulnerability scanner to run at a desired frequency; review the alert reports as they come in and determine which issues that need to be immediately addressed, which should be investigated, and which should be ignored; then update your scanner settings as needed to further refine and optimize your false positive reporting.  

So, the only real variables in the “level” of service you offer clients should be the frequency of the scans, the CVSS level threshold you set for immediate remediation, and your SLA for regular maintenance and updates of the network security posture. The fee you charge for your V-MaaS should reflect these variables, and the vulnerability management platform you select should be licensed to allow you to charge less for smaller clients without eating into your profit margins.  

Consider offering four different levels of service for four different types of clients MSPs typically have: Smaller “micro” businesses; traditional SMB clients; mature organizations; and larger “elite” clients. In this example, we’ve set up four levels of V-MaaS with placeholder names for each: Bronze, Silver, Gold and Platinum.  

VIEW THE ARTICLE!
Signing up provides unlimited access to:
Signing up provides unlimited access to:
  • Trend and Leadership Articles
  • Case Studies
  • Extensive Product Database
  • Premium Content
HELLO. PLEASE LOG IN. X

Not yet a member of MSPinsights? Register today.

ACCOUNT SIGN UP X
Please fill in your account details
Login Information
ACCOUNT SIGN UP

Subscriptions

Sign up for the newsletter that brings you the industry's latest news, technologies, trends and products.