MSP Risk Intelligence

Feedback for MSP Risk Intelligence

MSP Risk Intelligence

Executive Summary Report

I would like to see a report that is a high level overview of an "organization". Show the top 5 and bottom 5 "Data Breach Risk by Host" that site/client. Break down the overall percentages of vulnerabilities, by vendor, for the whole site. Give the overall stats for "Unprotected Data Scan Statistics" for the whole site. Include the total liability $ for the entire site/client/organization. Provide totals of the things ...more »


MSP Risk Intelligence

Customer-Facing Risk Analysis Reports Critical!

Let me start off by saying congratulations on creating one of the most useful tools I've seen hit the MSP space in a long time. The RI tool is awesome and I'm sure it'll only get better as the bugs get ironed out and feedback gets factored in. In the spirit of useful feedback, let me posit this: The RI reporting is beautiful. It's useful (to engineers). It's easy to work with (for engineers). It's freaking awesome! ...more »


10 votes

MSP Risk Intelligence

Risk Intelligence - Whitelist

The only client I have run this on had files that were flagged as containing credit card information when, in fact, they were files that were compressed and had random numbers that matched the length of credit card numbers. I could easily ohave produced a report showing progress on their system if I could have eliminated the false positives. As it stands, the report still shows problems. The dashboard policy or the specific ...more »


MSP Risk Intelligence

Whitelist CVEs

On 99% of computers these CVEs are flagged as a threat. However the computers either don't have MSXML installed and or are fully patched. Customers seeing this report then think they are at risk when they are not, 5810 - MS13-002 - Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (XML 4.0) (9.3) 5889 - MS12-043 - Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution ...more »


MSP Risk Intelligence

Becoming an ASV through PCI SCC

In order for certain levels of PCI compliance to be valid if filling out the self assessment questionnaire (SAQ), a rigorous scan must be completed by an Approved Scanning Vendor (ASV). As the PCI/PAN scan seems to perform well, I think it would be a logical next step to apply for this, providing benefit to customers in being able to sign off on SAQs, and would also bring more value and perhaps customers to the tool. ...more »


MSP Risk Intelligence

Batch download of individual Risk Intelligence reports

As an MSP, I'd like to be able to perform a batch download of the individualized device reports in PDF format to provide their area of risk in mass format.


Currently there is a report that combines all of the data from the devices or the ability to create a report which has links to all of the individual PDFs but this does not suit our needs when performing scans for large customers.


MSP Risk Intelligence

Integration with Security Information Event Management (SIEM)

Several Customers/Prospects have suggested that MAX Risk Intelligence should generate log events (syslog) when scans detect certain issues. Would be nice if new "log" button could be added to reports along side the "exclude" button that could enable customer to generate syslog events or not when issues detected. For example: 1.) Vulnerabilities are detected 2.) Open ports are detected 3.) Software updates detected (inventory ...more »