DG

Daniel Groves

Head of Security Research · ComplianceLayer

Daniel leads security research at ComplianceLayer, focusing on external attack surface analysis, cyber insurance requirements, and compliance framework mapping. His work includes large-scale domain security studies and developing the methodology behind ComplianceLayer's 16-module scanning engine.

Areas of expertise
External attack surface managementCyber insurance security requirementsEmail authentication (SPF, DMARC, DKIM)Compliance framework mapping (SOC 2, NIST, ISO 27001)MSP security operations

Articles by Daniel Groves(11)

Cyber InsuranceApr 1, 202614 min read

We Scanned 1,000 SMB Domains — Here's What Cyber Insurers Would Find

We ran ComplianceLayer's full 16-module scan against 1,000 publicly reachable SMB domains across five industries. The average score was 61/100. Only 8% earned an A. Here's what cyber insurers would find if they scanned your clients today.

ArchitectureApr 1, 202613 min read

Building a 16-Module Security Scanning API: Architecture Decisions

16 security scanners running concurrently against a single domain in under 60 seconds. Here's how ComplianceLayer's scanning architecture works — from asyncio.gather to Redis job queues to the scoring algorithm.

MSPApr 1, 202611 min read

The MSP's Guide to Automating Client Security Assessments

QBRs need data, not opinions. Here's how to automate client security assessments — from API-based scanning to client-ready reports — and turn them into a $12K+/year revenue center.

Cyber InsuranceMar 29, 20269 min read

The 12-Point Security Checklist Cyber Insurers Actually Use

Underwriters scan your clients' external attack surface before they quote. Here are the exact 12 checks they run, the pass/fail criteria, and why most MSP clients fail at least 3.

EASMMar 29, 202612 min read

The 2026 State of External Attack Surface Management

73 domains scanned across the MSP and cyber insurance ecosystem. 41% failed DMARC enforcement. 65.5% of cyber insurers run the policy they require from applicants. Here's the full picture.

Cyber InsuranceMar 29, 20267 min read

The 5 Open Ports That Will Get Your Cyber Insurance Denied

Cyber insurance underwriters run automated port scans during underwriting. These 5 open ports trigger the most denials, exclusions, and premium spikes — and 14% of SMBs have at least one of them exposed.

DMARCMar 29, 202612 min

SPF vs DKIM vs DMARC: What MSPs Need to Know

MSPs get asked about SPF, DKIM, and DMARC constantly -- usually the week before a client's insurance renewal. Here's the practical breakdown: what each record does, what it doesn't do, how they work together through DMARC alignment, and how to audit your entire client base before an underwriter does.

SSLMar 29, 20267 min read

Why Your SSL Certificate Passed But Your Insurance Application Failed

A green padlock means your connection is encrypted. It says nothing about your email security, open ports, or the admin panel exposed on port 8080. Underwriters check all of it.

DMARCMar 24, 20266 min read

We Scanned 73 Domains. 41% Failed DMARC.

Cyber insurers require DMARC on renewal applications. We scanned domains across the insurance and MSP security ecosystem. The results are worse than you'd expect.

DMARCMar 24, 20265 min read

We Scanned 29 Cyber Insurance Providers. Half Had Email Auth Gaps.

Cyber insurers require DMARC from their customers. We checked if they enforce it on their own domains. Many don't.

Cyber InsuranceMar 24, 202611 min read

What Cyber Insurers Actually Scan When They Check Your Domain

Carriers like Coalition, At-Bay, and Cowbell run automated domain scans during underwriting. Here's exactly what they check — and how to fix it before your client's renewal.