Who Uses HailBytes

HailBytes SAT and HailBytes ASM are built for three distinct customer profiles — in-house security teams, MSSPs, and offensive-security firms. The product makes different sense for each, and we want to be precise about who it’s for.

Customer Profiles

In-House Security Teams

Mid-market & Enterprise Security

Security teams at organizations from ~200 to 10,000+ employees who want phishing simulation and external attack-surface monitoring without per-seat or per-asset pricing that scales with headcount or asset count.

  • Cloud-first procurement (AWS EDP / Azure MACC drawdown preferred)
  • Strong data-residency or self-hosting requirements
  • Need to audit the platform itself under a source-available license
  • Compliance evidence for SOC 2, HIPAA, PCI-DSS, ISO 27001, NIST CSF

MSSPs

Managed Security Providers

MSSPs and managed compliance providers who attach phishing simulation to client SOC 2, HIPAA, and cyber-insurance bundles, billing the client at retainer rates while running on a flat per-instance cost basis.

  • Per-tenant branding, OIDC, and audit-log isolation
  • One-instance-per-client architecture (clean SOC 2 boundary)
  • White-label margins that survive into the 500–5,000-seat range
  • Marketplace co-sell motions on AWS and Azure

MSSP Playbook

Pen-Test Firms

Offensive-Security Boutiques

Pen-test firms and red-team practices who run HailBytes ASM internally as a scoping accelerator and externally as a recurring continuous-monitoring deliverable resold to clients between point-in-time engagements.

  • Internal scoping: 24-hour SOWs instead of week-long recon
  • Reseller model: recurring monthly fee per client instance
  • Pre-engagement recon on every prospect, not just paying clients
  • Custom wordlists, scan logic, and AI-agent orchestration via MCP

Pen-Test Playbook

Deployment Patterns

How customers actually run the platform.

Single-Tenant on AWS or Azure

The most common deployment: one HailBytes SAT or ASM instance per organization, running on a 2 vCPU VM in the customer’s AWS or Azure account. Marketplace charges flow through the existing cloud bill and count toward EDP / MACC commits.

Profile: mid-market and enterprise security teams.

Multi-Tenant MSSP Fleet

One instance per client in a shared MSSP cloud account, with per-tenant branding, OIDC, and audit logging. Tenant data never crosses instance boundaries — the model SOC 2 auditors expect from MSSP-delivered services.

Profile: MSSPs running 5+ active clients on phishing simulation or ASM.

Pen-Test Firm Internal + Client Instances

One firm-internal ASM instance scanning every prospect and active engagement (scoping accelerator), plus per-client white-label instances billed monthly to clients who want continuous monitoring between point-in-time tests.

Profile: offensive-security firms with active recurring-revenue practices.

Government Cloud (GovCloud / Azure Gov)

HailBytes SAT and ASM both deploy in AWS GovCloud and Azure Government. Federal contractors and regulated industries run there to meet FedRAMP-aligned data-residency requirements.

Profile: federal contractors, defense industrial base, and regulated state-level agencies.

Industries We Work With

HailBytes is designed to be vertical-agnostic, but compliance pressure makes some industries especially common.

Financial Services

SOC 2 and PCI-DSS evidence pipelines, plus the cyber-insurance underwriting requirements that have made phishing-simulation programs table stakes.

Healthcare & Life Sciences

HIPAA Security Rule §164.308(a)(5) explicitly mandates security-awareness training. SAT generates the documented evidence auditors expect.

SaaS & Technology

SOC 2 Type II is procurement table stakes for B2B SaaS. SAT campaigns and ASM scan logs feed the CC2.2 awareness and CC7.1 vulnerability-management controls.

Government & Defense

FedRAMP-aligned deployments via AWS GovCloud and Azure Government. NIST CSF PR.AT and SP 800-53 awareness requirements are covered by SAT evidence.

Higher Education

Universities running multi-school phishing simulation programs with per-school branding and reporting, plus continuous external monitoring of large public attack surfaces.

Cyber Insurance & MSSPs

Carriers and MSSPs bundling SAT and ASM as policy-condition deliverables for insureds, with the audit evidence underwriters require.

Become a Reference Customer

We’re actively building out our public case-study program. Twelve months of free access to HailBytes SAT or ASM, plus our highest support tier, in exchange for feedback and a written or video case study at the end of the year. Open to all three customer profiles.

Apply to the Case-Study Program

Talk to Customers Like You

If you’d like an introduction to a current customer running a similar deployment pattern (in-house, MSSP, or pen-test firm), our team can arrange a peer reference call once you’re in active evaluation.

Request a Reference Call