Blacksmith InfoSec reviews — what users really think

published 8 august 2024, last updated 18 march 2026
how we review

we track global search demand across every software category, monitor what real users are saying online, identify which professions rely on each tool, and surface the questions people are actually asking. reviews are consistently updated and reviewed for reliability.

Blacksmith InfoSec is a Compliance-as-a-Service platform built for Managed Service Providers (MSPs) who handle cybersecurity and compliance for small to medium-sized businesses. The platform simplifies complex security processes, making it easier for MSPs to deliver reliable protection to their clients.

At its core, the platform offers tools for creating custom security policies, managing risks, and maintaining compliance standards. MSPs can oversee multiple client accounts through a centralized dashboard, while automated features help streamline day-to-day security operations.

The service includes security awareness training, user access audits, incident response planning, and policy tracking. These features work together to help businesses meet compliance requirements, from HIPAA to NIST, SOC 2, and CMMC frameworks.

Pricing is $2,000 yearly or $200 monthly per client. The platform also offers a free NFR license to help MSPs improve their own compliance along with their clients.

who is Blacksmith InfoSec for?

Blacksmith InfoSec is built for Managed Service Providers who handle cybersecurity and compliance for multiple small to medium businesses. The centralized dashboard saves time by letting MSPs manage all their clients from one place.

  • MSP Owners/Managers who need to oversee numerous client accounts from one interface without jumping between systems.
  • Compliance Specialists who want to generate customizable security policies in minutes across frameworks like NIST, HIPAA, SOC 2, and CMMC instead of building them from scratch.
  • IT Security Professionals who need a risk register to track security threats and show clients where vulnerabilities exist.
  • IT Service Providers looking to add compliance services as a revenue stream with straightforward pricing they can bill predictably.
  • Security Trainers who need built-in awareness modules with automatic enrollment and progress tracking instead of cobbling together training from multiple sources.
  • Small to Medium-Sized Businesses in regulated industries who need to meet compliance requirements but can't afford a dedicated compliance team.

The platform is used across regulated industries like healthcare, financial services, and government contractors.

overall sentiment

MSP Owner/Manager

mixed

The centralized dashboard and multi-client management capabilities address real pain points in handling numerous accounts, but the lack of public user testimonials and online discussion creates uncertainty about actual implementation complexity and long-term reliability. Without visible proof of ROI from peers, it's difficult to confidently recommend budget allocation for adoption.

strengths

  • Single dashboard eliminates account-switching overhead across multiple client environments
  • Predictable, billable pricing model enables straightforward customer reselling and revenue forecasting
  • Pre-built compliance frameworks (NIST, HIPAA, SOC 2, CMMC) reduce custom policy development time

concerns

  • Minimal online presence and user reviews make vetting platform maturity and support quality difficult
  • Unknown integration depth with existing MSP tech stacks (ticketing, RMM tools, billing systems)
  • Unclear migration path and onboarding timeline for existing client compliance documentation

online reviews (last 6 months summarised)

Blacksmith InfoSec is flying under the radar right now. There's not much chatter on Reddit or other platforms about actual user experience. They offer Compliance-as-a-Service tools for Managed Service Providers, but the quiet makes it hard to gauge how well the platform performs in practice.

The silence doesn't necessarily mean anything negative—it could just indicate they're a niche service that hasn't generated much discussion. Potential customers will need to dig deeper directly with the company to understand their security policy management and compliance roadmaps. For now, the internet opinion meter is more of a blank slate than a clear signal.

features

  • Custom Security Policies: Generate tailored security policies for each client in minutes, supporting multiple compliance frameworks including NIST, HIPAA, SOC 2, and CMMC with an interface that ensures consistency across different business environments.
  • Personalized Compliance Roadmap: Automatically create a prioritized compliance checklist customized for each client that guides them through security best practices, focusing on critical measures first.
  • Risk Management: Track security and business risks in a risk register, with assessment tools that help clients decide where to invest in protection.
  • Security Awareness Training: Default and specialized training modules that educate staff about business risks and compliance requirements, with automatic enrollment and progress tracking.
  • Audit Tracking and User Access Reviews: Record policy acknowledgments, track training completions, and manage user system access to maintain security controls.
  • Incident Response Planning: Build and maintain incident response plans that prepare clients for security events and help them respond quickly when issues occur.
  • Centralized Management Dashboard: Manage multiple client accounts from a single interface, with real-time monitoring and scalable security program oversight.
  • Custom Client Portal Branding: White-label the client portal with custom branding to maintain your MSP's identity.

pricing

  • Monthly Plan costs $200 per month with no per-user fees, add-ons, or hidden charges.
  • Annual Plan priced at $2,000 per year with a flat rate and no additional fees.
  • Both plans include customized security policies, risk management tools, compliance roadmaps, security awareness training, and incident response planning.
  • Free NFR (Not For Resale) license available to help MSPs improve their own compliance along with their clients.

frequently asked questions

What compliance frameworks does Blacksmith InfoSec support?

Blacksmith InfoSec supports multiple compliance frameworks including NIST, HIPAA, SOC 2, CMMC, and other common industry standards. The platform generates security policies aligned with these frameworks, letting you customize security programs based on your clients' regulatory needs without being a compliance expert yourself.

How long does it take to create security policies for a client?

You can create custom security policies in minutes using Blacksmith's interface. The platform streamlines what would typically be a time-consuming process, letting you quickly generate professional, tailored policies for each client. Once published, these policies automatically create prioritized compliance roadmaps so you can immediately start implementation.

Can I manage multiple clients from one dashboard?

Yes. Blacksmith offers a multi-tenant management system that lets you oversee all your clients from a single dashboard. This centralized view makes it simple to track compliance progress, manage risk registers, and monitor security training completion across your entire client base. The platform is built specifically for MSPs who manage security programs for multiple businesses at once.

How does the risk management feature work?

The risk management feature includes a risk register that tracks both security and business risks. You can document threats, assess their potential impact, and create mitigation plans all in one place. The system lets you prioritize risks based on severity, track resolution progress, and generate reports for clients. This gives you a complete view of their security posture while helping clients make better risk-based decisions.

What is the free NFR license?

Blacksmith offers a free NFR (Not For Resale) license to help MSPs improve their own compliance while serving their clients. This lets you use the platform for your own internal security program without paying licensing fees. It's a way for MSPs to walk the walk on compliance while demonstrating the platform's value to potential clients.

other tools to check out

Vanta

online buzz: 25k+ searches
trend (1M): 22%

Vanta is a compliance and security platform that automates up to 90% of compliance work for major security frameworks like SOC 2 and ISO 27001. It offers automated evidence collection, policy management, access control, and AI-powered tools to help businesses streamline compliance processes, strengthen security, and build stakeholder trust.

best deal

Free trial available with no credit card required. Core plan starts at $7,500 annually.

LogicGate

online buzz: 25k+ searches
trend (1M): 15%

LogicGate is an AI-powered Governance, Risk, and Compliance (GRC) platform offering the Risk Cloud solution. The platform helps organizations manage cyber risk, third-party risk, compliance controls, and operational resilience through a no-code interface with built-in Spark AI features that automate evidence testing, form completion, and risk analysis.

best deal

Get started with Risk Cloud from $13,765/year and automate your compliance process with AI-powered features.

Snyk

online buzz: 10k+ searches
trend (1M): 22%

Snyk is an AI-driven developer security platform that scans code for vulnerabilities, license compliance issues, and provides AI-powered fixes using static and dynamic analysis. It integrates with IDEs, Git workflows, and CI/CD pipelines for real-time scanning across open-source dependencies, container images, infrastructure as code, and proprietary code.

best deal

Try Snyk Free: Unlimited tests on open-source projects, 200 tests on private projects, 100 container tests with IDE plugins, CI/CD integration & continuous monitoring.