We Scanned 1,000 SMB Domains — Here's What Cyber Insurers Would Find
We ran ComplianceLayer's full 16-module scan against 1,000 publicly reachable SMB domains across five industries. The average score was 61/100. Only 8% earned an A. Here's what cyber insurers would find if they scanned your clients today.
The 12-Point Security Checklist Cyber Insurers Actually Use
Underwriters scan your clients' external attack surface before they quote. Here are the exact 12 checks they run, the pass/fail criteria, and why most MSP clients fail at least 3.
The 2026 State of External Attack Surface Management
73 domains scanned across the MSP and cyber insurance ecosystem. 41% failed DMARC enforcement. 65.5% of cyber insurers run the policy they require from applicants. Here's the full picture.
SPF vs DKIM vs DMARC: What MSPs Need to Know
MSPs get asked about SPF, DKIM, and DMARC constantly -- usually the week before a client's insurance renewal. Here's the practical breakdown: what each record does, what it doesn't do, how they work together through DMARC alignment, and how to audit your entire client base before an underwriter does.
Why Your SSL Certificate Passed But Your Insurance Application Failed
A green padlock means your connection is encrypted. It says nothing about your email security, open ports, or the admin panel exposed on port 8080. Underwriters check all of it.
We Scanned 73 Domains. 41% Failed DMARC.
Cyber insurers require DMARC on renewal applications. We scanned domains across the insurance and MSP security ecosystem. The results are worse than you'd expect.
Stay ahead of compliance risk
Get started with a free external attack surface scan. No credit card required.