Galactic Advisors CEO: New Approach To Penetration Testing Is Driving MSP Growth

Bruce McCully, CEO and chief security officer of the cybersecurity assessment and consulting firm, says that the company’s recently patented pentesting system has been achieving early customer wins for MSP partners.

A new approach to penetration testing recently patented by Galactic Advisors is achieving early customer wins for MSP partners, according to Bruce McCully, CEO and chief security officer of the cybersecurity assessment and consulting firm.

The company’s “user-activated” penetration testing system stands out from existing pentesting approaches by not needing privileged credentials to be utilized. That’s in contrast to traditional pentesting that presents a major hurdle—and potentially a security risk in itself—by requiring administrative credentials to probe into IT systems.

In addition, the Galactic pentesting approach helps to make the connection to business risk in a stronger way than other systems, McCully told CRN.

“Our process is the only one out there where the user gets to see their own component of liability,” he said.

Typically, when a partner shows up with technical details about a penetration test to show a customer, “the user's eyes glaze over,” McCully said.

But when a partner shows a customer its own liability, the customer sees “where they have some of their own shared responsibility around the data and around the decisions and actions they’re taking that makes it so hackers can get to that data,” he said. “That is the educational, ‘aha’ moment that the patented process delivers.”

One partner that has been utilizing the Galactic penetration testing system—and finding strong interest from customers—is Altek Business Systems. Wilhelm Rebmann, CTO of the Telford, Pa.-based provider of managed IT and security services, told CRN that it’s a major advantage to not require credentials and permissions from a customer in order to conduct a penetration test.

Rather than providing credentials, all the customer has to do is click a link in an email to enable the penetration test to be conducted, Rebmann noted.

The report provided by Galactic is also far more relevant to the customer than what is provided by other pentest systems, he said.

With the reports provided by other pentesters that Altek has worked with, “a business owner doesn’t understand most of it. We’d have to try to explain it,” Rebmann said.

For the pentest report from Galactic, however, “the business owner can read that and actually understand it,” he said. “With this report, we spend a half-hour to 45 minutes, and it engages the customer the whole time. They are like, ‘Oh my God, look at this.’”

Utilizing the pentesting system from Galactic has played a central role in enabling Altek to land six new customers in recent months, according to Rebmann.

“A lot of it is because of that process—of giving them this report, showing them how [the company] wasn’t doing a lot of the security they should be—and how we, with Galactic’s help, can do a better job,” he said.