Sprocket Security
Sprocket SecurityReviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
11 reviews
from
External reviews are not included in the AWS star rating for the product.
Powerful pen testing and security management
What do you like best about the product?
The UI is very easy to use, the thorough pen testing helped us find a lot of security issues in our product, and the advices on how to fix the issues helped us quickly fixed the issues. And the unlimited retesting is very handy. The customer support is very helpful when we have any issues using the product.
What do you dislike about the product?
There is not much that I dislike. The only thing could be there are too much information in the report to be digested.
What problems is the product solving and how is that benefiting you?
Helped scanning our products to identify any security issues, and it indeed found several security issues.
A Top-Tier Penetration Testing Partner
What do you like best about the product?
As a customer who has worked closely with Sprocket Security, I can confidently say they are one of the most professional and skilled cybersecurity teams I’ve had the pleasure of working with. Their expertise in penetration testing is top-tier and they have consistently gone above and beyond to ensure our organization’s security posture is robust and resilient!
What do you dislike about the product?
At this time there are no issues we have had with Sprocket Security
What problems is the product solving and how is that benefiting you?
Sprocket’s penetration testing is helping find vulnerabilities in our web application ones that automated tools can’t detect
Top Tier Team
What do you like best about the product?
Ease of use, implementation, and support.
What do you dislike about the product?
There is not a single thing I dislike about the Sprocket Security team or platform.
What problems is the product solving and how is that benefiting you?
Sprocket helps us go beyond compliance requirements and dives deep into true vulnerable aspects the company actually faces. Some Pentest groups are just glorified vulnerability scanning. The Sprocket team adds so much value to the product with their knowledge, description of their work and findings, and how to remediate those findings. They are always quick to respond, and the ability to add a continuous functionality to the work adds enhanced security coverage to the organization. We all know emerging threats can spawn overnight. The last thing you would want would be to employ a one-time Pentest group that only covered 1 month out of the year, leaving your organization open to these threats the remainder of the time.
A far superior Continuous Penetration testing service
What do you like best about the product?
Sprocket Security's team, web interface, and responsiveness is top-notch. Having the flexibility to have my environment assessed on a regular basis instead of once a year keeps me and my team constantly on top of vulnerabilities in my environment. The web interface is nice and clean, concise, and allows me to request for re-tests of found vulnerabilities. The interface also has new findings, comments, and allows for easy communication without having to open a complicated ticket. Their team also has allowed me to contact them directly with questions, issues, or requests. They really make it easy for me to use their system in a way that works best for me.
What do you dislike about the product?
Sprocket Security doesn't have anything specific I dislike, except for the fact that it doesn't integrate with any of my security stack. This isn't a big deal, but it causes false positives with my alerting tools by notifying me that the Sprocket host is malicious. It can make it difficult to add to the Allow list to reduce the noise.
What problems is the product solving and how is that benefiting you?
Continuous penetration testing to keep a constant eye on my environment's vulnerabilities so I can proactively react.
Solid Service and Great Extension to our Team
What do you like best about the product?
Sprocket Security provides highly detailed and actionable penetration testing reports that are easy for both technical teams and leadership to understand. Their team is responsive, knowledgeable, and consistently goes above and beyond to support our security goals.
What do you dislike about the product?
Great service and findings, but expanding the frequency of communication during testing phases would help keep all stakeholders better informed. Our SIEM and other tools pickup "malicious" activity, but it ends up being a false positive.
What problems is the product solving and how is that benefiting you?
Sprocket Security is helping us identify and remediate vulnerabilities through thorough penetration testing and continuous security assessments, which strengthens our overall security posture. Their clear reporting and expert guidance make it easier for our team to prioritize risks and demonstrate compliance to leadership and auditors. I really like the remediation actions section when a vulnerability is discovered.
Making our environment secure
What do you like best about the product?
Sprocket Security has proven to be a valuable partner in our ongoing efforts to maintain a secure and resilient IT environment. Their penetration testing services go beyond traditional vulnerability assessments, providing a deeper and more accurate picture of our security posture.
One of the standout aspects of Sprocket Security is their real-world approach to testing. Rather than relying solely on automated scans, their team simulates realistic attack scenarios, using the same tools and techniques that threat actors would employ. This gives us a much clearer understanding of where our defenses are strong—and where they may fall short.
Their reports are not just technically sound but also clear, actionable, and tailored to both technical and executive audiences. Each finding includes detailed remediation guidance, risk ratings, and context that helps prioritize responses based on business impact.
What sets Sprocket apart is their continuous engagement model. Instead of just a once-a-year penetration test, they provide ongoing testing that evolves with our environment. This ensures that as our infrastructure, applications, and attack surfaces change, our security strategy keeps pace.
The team is highly collaborative and responsive, always willing to walk us through findings or offer advice on best practices. Their commitment to transparency and education helps our internal teams grow stronger in their own security awareness and capabilities.
Overall, Sprocket Security's penetration testing has become an essential part of our cybersecurity program. Their thorough, hands-on approach ensures we’re not just checking a box—but genuinely improving our defenses against evolving threats.
One of the standout aspects of Sprocket Security is their real-world approach to testing. Rather than relying solely on automated scans, their team simulates realistic attack scenarios, using the same tools and techniques that threat actors would employ. This gives us a much clearer understanding of where our defenses are strong—and where they may fall short.
Their reports are not just technically sound but also clear, actionable, and tailored to both technical and executive audiences. Each finding includes detailed remediation guidance, risk ratings, and context that helps prioritize responses based on business impact.
What sets Sprocket apart is their continuous engagement model. Instead of just a once-a-year penetration test, they provide ongoing testing that evolves with our environment. This ensures that as our infrastructure, applications, and attack surfaces change, our security strategy keeps pace.
The team is highly collaborative and responsive, always willing to walk us through findings or offer advice on best practices. Their commitment to transparency and education helps our internal teams grow stronger in their own security awareness and capabilities.
Overall, Sprocket Security's penetration testing has become an essential part of our cybersecurity program. Their thorough, hands-on approach ensures we’re not just checking a box—but genuinely improving our defenses against evolving threats.
What do you dislike about the product?
I can honestly say there is nothing negative about Sprocket.
What problems is the product solving and how is that benefiting you?
Pointing out holes in our environment and solutions to fill those holes. Constant pen testing and email campaigns to test user's security protocols.
Modern Approach to Penetration Testing
What do you like best about the product?
Sprocket's continuous pentesting model should be the industry standard. Their portal/dashboard where findings are published is modern and easy to navigate. The details for each finding are complete with proof and an easy-to-understand explanation. Steps for remediation are given, and their team is willing to assist if a particular finding is difficult to fix, which is especially helpful for organizations without the time or manpower to dig into each individual issue.
What do you dislike about the product?
The main downside to Sprocket's model is that many third party vendors have not adapted to the continuous pentesting model. MDR vendors do not expect a "threat actor" to be persistent inside the network. They would still prefer a limited-term engagement with a static report to which they can compare their performance in detecting network penetration against the results of the penetration tester.
What problems is the product solving and how is that benefiting you?
Most businesses only contract with penetration testing firms to fulfill a yearly compliance requirement where the contracted pentesters complete the engagement within a few weeks and produce a static report that shows their findings and offer advice for remediating those vulnerabilities. In today's ever-changing IT landscape, an annual pentest is not practical. Sprocket solves this problem by engaging in a model of continuous penetration testing, where findings are published on an on-going basis and remediation is a cooperative effort between Sprocket and the client.
Recommendations to others considering the product:
If it's Sprocket's model of continuous testing vs. a competitor's one-time test, it absolutely makes sense to partner with Sprocket, especially because the cost of the engagement will likely be very close. They will work with you year-round instead of just a handful of weeks. Their pentesters are knowledgeable, competent, and they stay on top of the trends in offensive security techniques, as opposed to relying on stale playbooks of outdated scripts. They are a great partner for internal IT security teams, working collaboratively to safeguard a company's digital intellectual property.
Great Experience So Far with Sprocket Security
What do you like best about the product?
Sprocket Security brings a high level of cybersecurity expertise to the table. Their detailed approach to penetration testing ensures no vulnerabilities are overlooked. They offer a comprehensive dashboard of any findings and steps for remediation.
What do you dislike about the product?
Initial testing happens within a 90-day window. Would be nice to start seeing results of the test prior to completion.
What problems is the product solving and how is that benefiting you?
Sprocket Security is helping us discover and address any critical vulnerabilities in our network and overall cybersecurity posture through comprehensive penetration testing.
Solid Security Partner
What do you like best about the product?
- Easy
- Support
- Guidance on how to fix findings
- Results
- Reporting/Portal
- Expertise
- Functionality of the porta
- Support
- Guidance on how to fix findings
- Results
- Reporting/Portal
- Expertise
- Functionality of the porta
What do you dislike about the product?
Too many marketing emails - slow down. Maybe just a monthly newsletter.
What problems is the product solving and how is that benefiting you?
We were looking for a pentration testing company and came across Sprocket at a conferene. I was drawn my their passion. We set up an intro meeting and got their services implemented. Super easy.
Recommendations to others considering the product:
Look no where else.
An actual continuous pentesting service
What do you like best about the product?
The whole team is great to work with. From the first sales call, to scoping, procurement, implementation, and now in operation. Our technical account manager is super responsive and ensures our needs are prioritized. The testers provide great write-ups to their findings and are quick to hop on a call if clarity is needed. The product team is eager to hear how to improve the user experience of their platform. Over a year into our relationship and by far my best vendor to work with.
What do you dislike about the product?
The only issue I could state, and it is a very small one, is just the reality of being a young company. Not every single feature is buttoned down. But nothing so consequential that it causes an actual pain point.
What problems is the product solving and how is that benefiting you?
We utilize Sprocket Security for external pentesting and web application/API pentesting.
Recommendations to others considering the product:
If you are looking for a real, continous assessment of your network edge and/or apps and services then look no further. Sprocket does fantastic work. And if you sell software, it is a sales feature to say you aren't doing the old once-a-year, point-in-time pentest that everyone else does. If you product(s) release once a year, then ignore me. But, if you are an agile shop you need to be doing continuous pentesting and Sprocket let's you do that without investing in 26 pentests a year per product.
showing 1 - 10