Interview-based cybersecurity risk assessment platform for MSP’s
No complicated training. No endless legwork. No useless summaries.

Just a straightforward risk assessment platform that gives you this

Just a Straightforward Risk Assessment Platform

this

Complete your client’s risk assessment in weeks, not months. So simple, even a tier-1 tech can get it done.

Start my 14-day free trial
Risk Analysis
Download Report
Threat
Controls
Controlled
Response
Likelihood
Impact
Threat Score
Data Breach due to Security Awareness Training not being conducted
Perform security awareness training.
Fully Controlled
N/A
5
5
1600
Hacking due to open ports.
Remediate external vulnerability scan resuus.
Partially Controlled
Modify
4
5
400
Malware due to insufficient antivirus.
Deploy or improve antivirus.
Fully Controlled
N/A
5
5
1600
Malware due to browser add-ons not being blocked.
Block browser add-ons.
Not Applicable
Retain
5
2
600
Severe service outage due to important hardware not being sufficiently backed up.
Create and execute proper availability strategy.
Not Controlled
N/A
5
5
1600
Lack of visibility into network vulnerabilities
Perform security awareness training.
Not Controlled
N/A
5
5
1600
RISK ASSESSMENT ACTION ITEMS
Owner: Darth Vader
Action Item
Notes
Control not in place
Interviews
Risk Score
Finalize EDR/XDR deployment.
Currently in the process of upgrading our antivirus to a new tool. This will provide EDR/XDR capabilities as well to boost security overall.
Malware due to insufficient antivirus.
IT
1600
Implement a secure process to validate wire transfers.
All new wire info should be confirmed with a known number.
Theft of assets due to insufficient validation of wire transfers.
Accounting
400
Set up Positive Pay.
This will protect us against check fraud.
Theft of assets due to Positive Pay not being set up.
Accounting
110
Action Item Report
View
Download
Report Delivery Presentation
Download

“We need a risk assessment. Can you help us?"

Whether it’s to get compliant, get proof of completion for a third party, or just to get protected, your clients need risk assessments.

And until now, you’ve said no.

Because they were too complicated. Too messy. Too time-consuming. Too much of a learning curve. Too much of a colossal pain.

And that, we felt, was a crying shame.

Especially as MSPs are exceptionally well positioned to do them for their clients.
(Because you know their operation, set-up, employees...and have a substantial running start).

The risk of not doing one? Too large.

Risk assessments are recommended in every single compliance framework. Because all it takes is one unpatched software, one phishing email, one misconfigured firewall to open the door to cyberthreats like ransomware, wire fraud, and data breaches that can cost your clients their systems, reputation, and capital.

The solution? We’ve just made it too easy.

It’s all about knowing what to ask–and what to do with their answers. And now, you'll get all that handed to you on a golden platter.

Sharken Assess

A  simple cybersecurity risk assessment  platform for complex cyber threats.

Creative Works
Risk Assessment 09/2024
Dashboard
Interviews
Action Items
Employees
Reports Center
Creative Works
Company Profile
All Assessments
All Employees
Epic MSP Account
Hello Yoda!
Your assessment is in progress.
Click on any of the interviews to continue.
Interviews
75% Complete
Executive Interview
15% Complete
HR Interview
35% Complete
Accounting Interview
100% Complete
IT Interview
Risk Dashboard
Total Threats
Total
220
N/A
Fully Controlled
Partially Controlled
Not Controlled
76 Total Findings
Partially and Not Controlled
Action Items by Owner
dashboard image
It’s straight forward to use. It's built off the standards and frameworks you need to stay safe. It’s in-depth. It’s multi-tenant. It’s customizable. It’s always up-to-date. It’s always accessible in the cloud.
It’s modern and intuitive.
It’s straight forward to use. It built off the standards and frameworks you need to stay safe. It’s in-depth. It’s multi-tenant. It’s customizable. It’s always up-to-date. It’s always accessible on the cloud. It’s modern and intuitive.

It’s the hands-down, victory-dance, best platform to assess and address your clients’ risks.
It works like this:

1.
Create

Open your new assessment, input your employee information,  and choose your assets.

Use Connectwise? You can import your employee information directly from Connectwise.

2.
Conduct

Get guided questions for every asset type. Answer them yourself and conduct interviews with team members to find out the rest of the info.

Assessment DashboardAssessment DashboardAssessment Dashboardillustration
3.
Complete

Pull your reports, and get the information you need neatly organized and rated according to risk levels with action items sorted by priority.

Report Dashboard
reportreportreportreport

Easy to Conduct, Easy to Report, Easy to Implement

Customizable
Flex to fit your world

Your space, your rules. You can customize each field, override threats, and even control the threat scores.  Because you know your clients best and understand where the real threats are.

assessment progress bar
Customize Assessment
Below you can choose assets and/or add to the quantity, as it applies to the environment. The assets you choose will determine which threats are covered in the assessment.
Quantity
Asset type
Asset Nickname
Asset notes
Compliance
note icon
External Contractor
note icon
Back
Finish
customize assessmentcustomize assessmentcustomize assessmentcustomize assessment
One Comprehensive Source of Truth
The standards + the frameworks you need in one central place

You give us your assets, we’ll give you everything else. All the relevant threats, the standards, the frameworks neatly compiled into one handy-dandy source-of-truth.

We align with:

  • CIS SCS

  • COBIT 5

  • NIST CSF

  • NIST SP 800-53

  • ISO/IEC 27001

Creative Works
Risk Assessment 09/2024
Dashboard
Interviews
Action Items
Employees
Reports Center
Creative Works
Company Profile
All Assessments
All Employees
Threat Assessment
Action Items
Details
Executives Interview
HR Interview
Accounting Interview
IT Interview
#
Threat
Controlled
Response
Linked Action Items
Network (0 unresolved threats)
2
Hacking due to IT administration being...
Partially Controlled
Modify
3
Malware due to insufficient antivirus.
Not Applicable
Fully Controlled
Partially Controlled
Not Controlled
N/A
Modify
Retain
4
Hacking due to open ports.
Fully Controlled
N/A
5
Lack of visibility into network vulnerabil...
Not Controlled
Modify
6
Maleware due to uninsufficient patch...
Fully Controlled
N/A
7
Malware due to out-of-date Operating...
Partially Controlled
Modify
8
Network intrusion due to the guest wirele..
Not Controlled
Modify
9
Advanced persistent threat due to not d..
Fully Controlled
N/A
10
Vulnerable networking equipment beca..
Fully Controlled
N/A
11
Theft of assets due to insufficient inven...
Fully Controlled
N/A
12
Data Breach due to not minimizing adm..
Not Controlled
Modify
Chase Bank Account (0 unresolved threats)
2
Theft of assets due to Positive Pay not be..
Not Controlled
Modify
3
Theft of assets due to Debit Block not be..
Not Controlled
Modify
4
Theft of assets due to bank account ale...
Not Applicable
Fully Controlled
Partially Controlled
Not Controlled
N/A
Modify
Retain
5
Theft of assets due to bank accounts usi..
Not Controlled
Modify
6
Theft of assets due to MFA not set up on...
Fully Controlled
N/A
Capital One Account (0 unresolved threats)
8
Theft of assets due to Positive Pay not be..
Fully Controlled
N/A
9
Theft of assets due to Debit Block not be..
Fully Controlled
N/A
10
Theft of assets due to bank account ale...
Fully Controlled
N/A
11
Theft of assets due to bank accounts usi..
Fully Controlled
N/A
Employee data (0 unresolved threats)
2
Data breach due to Employee PII and he...
Fully Controlled
N/A
3
Insider Threat due to not conducting em...
Not Applicable
Fully Controlled
Partially Controlled
Not Controlled
N/A
Modify
Retain
4
Theft of assets due to an insufficient te.r..
Partially Controlled
Retain
Payroll (0 unresolved threats)
6
Paychecks can be hijacked.
Fully Controlled
Modify
Brooklyn (0 unresolved threats)
8
Theft of assets due to insufficient physic..
Fully Controlled
N/A
9
Theft of assets due to insufficient physic..
Partially Controlled
Modify
Lakewood (0 unresolved threats)
11
Theft of assets due to insufficient physic..
Fully Controlled
N/A
12
Theft of assets due to insufficient physic..
Fully Controlled
N/A
Compliance (0 unresolved threats)
2
Data Breach due to Security Awareness..
Partially Controlled
Modify
3
Fines or legal issues due to not meeting...
Partially Controlled
Modify
4
Theft of assets due to an information Se..
Fully Controlled
N/A
External Contractor (0 unresolved threats)
6
Fines or legal issues due to third party co...
Not Applicable
Fully Controlled
Partially Controlled
Not Controlled
N/A
Modify
Retain
assessmentassessmentassessmentassessmentassessment
Recommended Action Items
A built-in security consultant

Select from precise recommended action items for every uncontrolled threat in your assessment. Or have an action item of your own? Just drop it in under the relevant threat.

Servers
Data Breach due to Security Awareness Training not being conducted
Interview Question
Do you conduct Security Awareness Training? Do you keep record of it? How often is it conducted? Do you have phishing simulations?
Controlled
Not Applicable
Fully Controlled
Partially Controlled
Not Controlled
Response
N/A
Modify
Retain
Sharken Recommended Control
Perform security awareness training
Add as Action Item
Action Items
No action items are added.
Perform security awareness training.
23
Data Breach due to Security Awareness Training not being conducted
4
Save
1600
Custom Action Item
Notes
Notes
Obi-Wan's note
Chewbacca's note
action itemaction itemaction itemaction item
Assign Action Items
Put the team to task, right in Sharken

Assign every action item to the team member that will address it when conducting the assessment.  Then, once it’s completed, you can automatically dispatch personalized emails to all your team members with their list of action items.

Perform security awareness training.
Action Item Notes
Linked Threats
Link to threat
Data Breach due to Security Awareness Training not being conducted
Not Controlled
Risk Score Rollup
1600
Expected date of completion
Owner
Owner
Han Solo
Executive
Luke Skywalker
HR
Cancel
Save
Add employee
New Employee
Han Solo
Executive
hansolo@gmail.com
Luke Skywalker
HR
lukeskywalk@gmail.com
Sheev Palpatine
Accounting
sheevpal@gmail.com
tasktasktasktasktasktask
Multi-Tenant Dashboard
A kingdom for every client

A separate dashboard for every client means you can pick up right where you left off, see where every client is at, and keep all that data nice and organized.

All Companies
Creative Works
Account Profile
Manage users
All Companies
Company
Sort by
Bertram
Birch Risk
Wits
Everest Equity
Champion Care
H&R Healthcare
Boro Park
Chemed Health
Eshyft
companycompanycompanycompany
Detailed Reporting
Overdeliver without the overwhelm

Get the bottom-line list of threats and action items, not 14 pages of interview transcripts you need to plow through.

Action Items
Name
Finalize deployment.
Set up MFA using secure methods.
Send phishing tests.
Perform security awareness training.
Implement a secure process to validate wire transfers.
Ensure default passwords are always changed.
Name
Action Item Notes
Owners
Interviews
Risk Score
Finalize deployment.
Currently in the process of upgrading from Defender. This will provide EDR/XDR capabilities as well to boost security.
Arnold Smith
IT
1600
Set up MFA using secure methods.
Choose a robust MFA method
Marilyn Watson
IT
1600
Send phishing tests.
Use a reputable phishing simulation tool
John Williams
Executive
1600
Perform security awareness training.
- Trainings
- Quarterly Phishing Tests
Zack Miller
IT
Executive
500
Implement a secure process to validate wire transfers.
All new wire info should be confirmed with a known number.
Arnold Smith
Accounting
400
Ensure default passwords are always changed.
Identify the owners for each system
John Williams
IT
400
report itemreport itemreport itemreport itemreport itemreport itemreport itemreport itemreport item
One Click Reports + Presentations
Freedom from formatting

Give everyone what they need, how they need it. Because in Sharken, you can pull reports and presentations in just one click.

  • For you:  An exported deck presentation

  • For your client:  A clear risk report

  • For third parties: A redacted report as a risk snapshot

Creative Works
Risk Assessment 09/2024
Dashboard
Interviews
Action Items
Employees
Reports Center
Creative Works
Company Profile
All Assessments
All Employees
Reports
Risk Assessment Report
Comprehensive risk report detailing findings, recommendations and risk summaries.
View
Download
Executive Summary
Overview of the risk rating and company posture.
View
Download
Report Delivery Presentation
Prepared presentation for an in-person or Zoom meeting to review stats and action items.
View
Download
IT Action Item Presentation
Comprehensive risk report detailing findings. recommendations and risk summaries
View
Download
Action Items
SELECT ALL
SEND
item carditem carditem carditem card
reportreportreportreport
reportreportreport
Threat Scores
Rated for risk

Not all threats are created equal. Sharken automatically assigns a score rating the risk of the threat, so you know which threats to address first.

Risk Analysis
Download Report
Threat Score
1600
400
1600
600
1600
1600
Threat
Controls
Controlled
Response
Likelihood
Impact
Threat Score
Data Breach due to Security Awareness Training not being conducted
Perform security awareness training.
Fully Controlled
N/A
5
5
1600
Hacking due to open ports.
Remediate external vulnerability scan resuus.
Partially Controlled
Modify
4
5
400
Malware due to insufficient antivirus.
Deploy or improve antivirus.
Fully Controlled
N/A
5
5
1600
Malware due to browser add-ons not being blocked.
Block browser add-ons.
Not Applicable
Retain
5
2
600
Severe service outage due to important hardware not being sufficiently backed up.
Create and execute proper availability strategy.
Not Controlled
N/A
5
5
1600
Lack of visibility into network vulnerabilities
Perform security awareness training.
Not Controlled
N/A
5
5
1600
threat scorethreat scorethreat scorethreat scorethreat scorethreat scorethreat scorethreat scorethreat score
Risk Score Rollup
To do for today

Easily see which action items require immediate action and which ones can wait for tomorrow.  Our proprietary algorithm looks at factors like the number of threats attached to the action item, likelihood, and impact and  gives you a precise, accurate rating for each action.

Action Items
Risk Score
1600
1600
1600
500
400
400
Name
Action Item Notes
Owners
Interviews
Risk Score
Finalize EDR/XDR deployment.
Currently in the process of upgrading from Defender. This will provide EDR/XDR capabilities as well to boost security.
Arnold Smith
IT
1600
Set up MFA using secure methods.
Choose a robust MFA method
Marilyn Watson
IT
1600
Send phishing tests.
Use a reputable phishing simulation tool
John Williams
Executive
1600
Perform security awareness training.
- Trainings
- Quarterly Phishing Tests
Zack Miller
IT
Executive
500
Implement a secure process to validate wire transfers.
All new wire info should be confirmed with a known number.
Arnold Smith
Accounting
400
Ensure default passwords are always changed.
Identify the owners for each system
John Williams
IT
400
risk scorerisk scorerisk scorerisk scorerisk scorerisk scorerisk scorereport itemrisk score
Assign the Items
Put the team to task

Let’s get implementing! Once you’ve completed the assessment, send automated personalized emails to each team member with their assigned action items.

Action Items
Darth Vader
Accounting
4 Action Items
Sent Jan 24, 2024
Preview
Send
Boba Fett
Accounting
1 Action Items
Sent Jan 24, 2024
Preview
Send
Action item report sent successfully
action itemaction itemaction itemaction item
Onboarding Support
Support

Hands-free by design. But if you need us, we’re here.

Just give a holler.

Product
Support
Cybersecurity Questions
Intro Pricing

Perfect-fit packages for the big guys, the little guys, the in between guys.

We’ve got you covered.  Because security is for everyone.

Standard
3
Assessments
/year
$
199.00
/month
Try it Free
Pro
12
Assessments
/year
$
499.00
/month
Try it Free
Ultimate
28
Assessments
/year
$
899.00
/month
Try it Free

Save 10% when you pay in one yearly payment!

Standard
3
Assessments
/year
$
2149.20
/year
Try it Free
Pro
12
Assessments
/year
$
5389.20
/year
Try it Free
Ultimate
28
Assessments
/year
$
9709.20
/year
Try it Free
Need more assessments/year? Reach out for our enterprise options.
Contact Us

What’s my ROI?

Let’s do the math.

Assessments per year
Billing rate
per assessment
$
Labor cost
per assessment
$
Sharken cost for
all assessments
$
Your ROI
$
Yeah. That’s pennies on the dollar.
Free Trial

Try us free for 14 days.

No credit card. No commitment.

Today
Sign up for your free trial, create a risk assessment, and customize in a few clicks.
Over the next few days
Conduct and complete the interviews. The whole shebang usually takes 2-5 hours.
(Psst...as their IT team, you already know most of these answers and can fill them straight in.)
In 14 days
You're ready to export your reports. Present. Boom. Another client protected. (And another invoice sent.)
The Advantage

Built by an MSSP means you get all the features you need and nothing you don’t

Because we’ve done this hundreds of times

sharken logo
The other fish
Can you customize assets?
Of Course
That’s the cornerstone of an effective risk assessment.
😞
Do you get a list of threats and action items?
You Got It
Interview summaries are nice, but will only get you so far.
😲
Does each threat have a risk score?
Sure
A meaningless list of threats is meaningless (wait. did we just repeat ourselves?)
😟
Are action items rated in order of importance?
Yeppee
And you can adjust the order as you see fit, because Sharken risk assessments are meant to be used :).
😧
Is the user interface clean, sleek and modern?
Of Course!
It’s not 1990. Enough said.
😖
sharken logo
Can you customize assets?
Of Course
That’s the cornerstone of an effective risk assessment.
Do you get a list of threats and action items?
You Got It
Interview summaries are nice, but will only get you so far.
Does each threat have a risk score?
Sure
A meaningless list of threats is meaningless (wait. did we just repeat ourselves?)
Are action items rated in order of importance?
Yeppee
And you can adjust the order as you see fit, because Sharken risk assessments are meant to be used :).
Is the user interface clean, sleek and modern?
Of Course!
It’s not 1990. Enough said.
The other fish
Can you customize assets?
😞
Do you get a list of threats and action items?
😲
Does each threat have a risk score?
😟
Are action items rated in order of importance?
🫤
Is the user interface clean, sleek and modern?
😖
Risk Assessments Are For More Than Just Compliance

The stakes are high. But the bar is low.

You know their systems. Their software. Their setup.

Do a risk assessment to:
1. Check the complete environment

Make sure their entire environment is protected–not only the systems you’ve touched.

2. Double-check for changes

Because well-meaning humans can be dangerous, and that software you safely set up 2 years ago? Yeah. It may have been tampered with.

3. Get protected against new threats

Cybersecurity is constantly evolving. A Sharken risk assessment will ensure your clients are operating according to the latest recommendations.

It only takes a few hours. And yes, you’ll make money. But more than that, you are offering your clients the incredible value of meeting compliance and ensuring they won’t be sitting ducks to cyberthreats.
(And if that’s not meaningful, we’re not sure what is.)

In 2 weeks time
which one will you be?

We’re still referring all our clients to an MSSP.

And saying no to our clients. Introducing them to another provider (who may or may not offer what we offer).  And then, anyways spending the time educating the other party on how we’ve set up their operations, answering their interview questions,  and responding to their 23 follow-up emails.

We’re still working on getting our own system set up in-house

Here’s the plan: We’ll comb through the standards  and free resources, figure out how to organize the data, actually organize the data, manually write up all the reports and presentations, write up personalized lists for each employee and email each one individually. Then, we can just repeat most of this for all 61 clients!

We’re delivering comprehensive Risk Assessments to our clients with Sharken

We have a clear, repeatable process to conduct Risk Assessments that any of our team members can perform. Our clients are thrilled–because we can give them what they need.   We’re thrilled–because our clients are safer (and it’s an easy in to adding necessary services to their package). Our employees are happy–because their work is clear, streamlined, and efficient. And our CFO is cha-chaing all the way to the bank.

Something to say?
 We want to hear it.
We're on it!
Thanks for reaching out! We'll get back to you within 48 hours with your response.
Oops! Something went wrong while submitting the form.
close