Multi-tenant vulnerability management
built for MSSPs
Centraleyezer gives managed security providers a risk-based vulnerability management platform with a dedicated, isolated instance per client, one central admin console, and pooled licensing — so you can add clients without adding chaos, and hand every client audit-ready evidence under their own SLAs.
What running VM as a service actually requires
Single-tenant platforms make you choose between shared databases (a data-segregation risk your clients' auditors will ask about) and one deployment per client with no central control. Centraleyezer was built for the third option:
True tenant isolation
A dedicated container per client — not row-level separation in a shared database. Data sovereignty per tenant, by architecture.
One console, every client
Centralised administration across all client instances: onboarding, licensing, health, and cross-client operations from a single pane.
Client-ready deliverables
Executive, CISO, and Technical reports from customisable Word templates — the deliverable your service is judged on, generated per client.
Per-client SLAs and audit trails
Remediation SLAs, risk acceptance, and complete audit trails per tenant — the evidence regulated clients ask their MSSP for.
Scanner-agnostic per tenant
Each client keeps their own scanners. 40+ integrations (Nessus, Qualys, Burp, AWS Inspector, Wazuh…) via API or file import.
Pooled, predictable licensing
Quota-based licensing by client deployments. Unlimited assets, findings, and users in every tenant — no metering surprises.
MSSP checklist: shared-tenant VM vs Centraleyezer
MSSP questions, answered
How does Centraleyezer isolate MSSP clients from each other?
Each client runs in its own dedicated, isolated container instance — not a shared database with row-level filters. A misconfiguration or noisy neighbour in one tenant cannot leak data into another, and per-client instances can even run different versions or configurations.
Can my analysts manage all clients from one place?
Yes. The centralised admin console gives your SOC one pane across every client instance — onboarding, licensing, health, and cross-client oversight — while each client’s data stays inside its own container.
How is MSSP licensing priced?
MSSP licensing is pooled and quota-based (number of client deployments), with custom pricing. There is no per-analyst or per-asset metering — assets, findings, and users are unlimited in every deployment.
Can each client keep their own scanners?
Yes. Every client instance connects to that client’s own scanners — 40+ integrations via API or XML/JSON/CSV import — so you can standardise your service without forcing clients to change tooling.
What reporting do clients receive?
Executive, CISO, and Technical vulnerability reports generated from customisable DOCX templates per client — so deliverables carry your service’s structure and the client’s context, with full audit trails behind every number.
Does Centraleyezer support air-gapped or client-premises deployments?
Yes. Client instances are Docker-based and can run in your cloud, in the client’s environment, or fully air-gapped — useful for regulated clients that cannot ship vulnerability data off-site.
Deep dive: read the guide to multi-tenant vulnerability management for MSSPs or see the partner programme tiers.