Small SaaS Startup hit with $2M ransomware

100+

Apps Integrations

250k

Total App users

3M

Total Fundings

40+

Team Members
DOWNLOAD FULL CASE STUDY

Introduction/Overview

Ransomware is growing exponentially, and small companies are no longer immune. Trustvio (real name kept private for security reasons) is an innovative startup that was trying to get their start with their first customers when they were attacked with a $2 million ransomware.

Challenge

SaaS companies will always be a large target for hackers, because of the numerous attack vectors. But Trustvio certainly didn’t expect to be a target
before they onboarded their first customer. Not only did they suer a ransomware attack that they couldn’t possibly aord as a startup, but their first prospects now worried about the integrity of the company. After reporting the attack to the FBI and putting numerous security measures in place, Trustvio searched for a penetration testing company that could produce fast results to give their prospects assurance that they had remediated any weaknesses in their environment.

Solution

Trustvio searched for a fast and aordable partner they could trust, and finally found Red Sentry. Red Sentry provided a full penetration test for their external, internal, and web app environments, and found 37 vulnerabilities. These findings were remediated and Red Sentry provided a letter of attestation that Trustvio could provide to their clients.

Because time was so sensitive to this startup, Red Sentry scheduled the test in 2 business days and had the final report delivered to the company 5 business days later. Other quotes they received required over 3 weeks to schedule and cost over 30% more.

Benefits

Trustvio was able to regain their prospects’ trust and close their first contracts.

High Severity Findings

· MongoDB Backup Exposed
· Insecure Direct Object Reference (IDOR)
· Default Login Credentials
· SQL Injection

Result

Although they will always have a healthy fear of ransomware, the team at Trustvio can move forward more confidently now that they have Red Sentry behind them and a strong security program in place.

Case Review

Small SaaS Startup hit with $2M ransomware before they even onboard their first client.

View Website
Case Timeline

Industry

SaaS Startup

How we helped
  • Red Sentry scheduled the test in 2 business days and had the final report delivered to the company 5 business days later. Other quotes they received required over 3 weeks to schedule and cost over 30% more.

See how we compare

We strive to bring the best pentest solution, for the cheapest price. And did we mention that we are fast?

Other Pentest Solutions

Red Sentry

Time to Launch: Weeks to Months
Time to Launch: < 7 days
Price: High (excessive fluff hours charged)
Price: Most Affordable (Ask about Price Matching)
Support: Medium
Support: High with dedicated PMs and Team Leads
False Positive Rate: Medium
False Positive Rate: Low
Customer Satisfaction: 
Medium
Customer Satisfaction: High
Thought Leadership

Check out what's hot now.

We have been making offensive cybersecurity YouTube videos and would love to share our knowledge with you!

Watch YouTube
"Easily the best project management software on the market, right now.”
Daniel Henry  -  Web Designer

What Results You Can Expect

Below are just some of the reasons why you should choose Red Sentry.

No Lead Times

We make the process smooth. We have no lead times (for those ASAP pentests).

Dedicated Project Manager

Your PM will communicate with your team throughout the pentest process.

No Hidden Fees

There are no hidden fees or overage fees. The price you see is what you get.

Retest

We offer a retest once you patch up any vulnerabilities.

Affordable Pentests

We make pentesting affordable by cutting out any fluff hourage.

Actionable Reporting

We report all critical issues to your team immediately during testing.

You're in Good Hands

Save time, avoid false positives, truly operationalize security,
and manage costs.

Start a Trial
Stars Review

Rated 4.8 on G2 & Capterra

"The Healthcare sector has been heavily affected by cyber attacks this past year. As we have so much sensitive data in our business, security is one of my main concerns. Since we’ve been using Red Sentry, I feel more confident because my team knows which patches need to be applied first and how to test them afterwards.”
Dana White
CTO, American Cosmetic Surgery Network
"We hold most of our data inside our Cloud infrastructure, which not many cybersecurity companies are focused on. Being able to have a thorough look at our Cloud security allows us to report our status to our clients and assure them we are taking a proactive approach to cybersecurity.”
Gabe Killian
VP Software Security, Procella Health
"Great enterprise tools for risk assessments. We were up and running on the software in just one day. Very easy team to work with and extremely affordable for the amount of visibility and features you get.”
David Lewandowski
CTO, United Networks of America
"We are pleased to have a strategic partnership with Red Sentry that offers our joint customers a leading integrated security solution that reduces risk and helps to keep threats out of the environment. Together, we are delivering highly accurate network assessments and intelligent automation of workflow processes and policies for a diverse customer base."
David Cartwright
Head of Commercial Cyber Security for Osi Vision

Don't know what you need?

Check out our pentesting options below.

Mobile App Pentests
A mobile application pentest is the process of approaching a native or mobile application whether that is iOS or Android, and finding vulnerabilities that would be utilized by a hacker to harm the application with malicious intent.
Web Application Pentest
A web application pentest is a type of pentest where the target is an application running, usually, behind an authentication mechanism (like a login).
Cloud Pentest
A cloud pentest assesses the security of your Cloud Infrastructure to ensure that if a hacker were to approach the environment, there would be no vulnerabilities they could utilize for malicious intent. This could take place in AWS, Azure, GCP, M365, Digital Ocean, and more.
External Pentest
An external pentest tests the security of the publicly facing assets of a company in order to ensure that if a hacker were to approach, they would not be able to leverage any vulnerabilities for an attack.
Internal Pentest
Internal pentests test the security of your company's internal network through a VPN and active directory.
Ready for a pentest?
Talk with us to learn more about our pentesting capabilities and competitive pricing.

Get a custom Pentest ROI Calculation

Stars Review

Rated 4.8 on G2 & Capterra

Get Your Data