Both are External Attack Surface Management. Sophos wraps a managed-service team around Tenable. Sentinel is the self-serve version built for the Swiss SMB. The data layer underneath is similar. The price point, the buyer profile, and the deployment model are deliberately different.
| | Sentinel | Sophos Managed Risk |
|---|---|---|
| Built for | Swiss SMB, 50 to 500 employees | Mid-market and enterprise, 500+ employees |
| Price | CHF 299 per month | Five-figure annual contract |
| Purchase | Sign up, credit card, same afternoon | Sales call, annual contract, procurement |
| Report language | German and English, plain language | English |
| Jurisdiction | Switzerland (Endolum GmbH) | United Kingdom |
| Data residency | European Union (Frankfurt) | Varies by region |
| Discovery sources | CT logs (live stream), crt.sh, Chaos, DNS bruteforce, ASN walk, SAN harvest | Tenable EASM data layer |
| Vuln scanning | nmap, nuclei, testssl.sh, header checks, EPSS + CISA KEV | Tenable scanner stack |
| Change feed cadence | Cert events within minutes, full sweep weekly (Business) or daily (Enterprise) | Continuous on the Tenable side, quarterly analyst review |
| Compliance evidence | One-click PDF: ISO 27001:2022, NIS2 Art.21(2), FINMA 2023/1, CIS v8.1, NIST CSF 2.0 | Available via the managed-service team on request |
| Managed service | No. The IT generalist actions findings directly. | Yes. Quarterly analyst review included. |
| MSP white label | Yes. 20 to 30 percent margin. MSP brand on the report. | No. Sophos sells direct. |
You need the external attack surface map and the vulnerability scan, you want the report in German, and the budget line is CHF 100 to CHF 400 per month. The IT generalist or the CEO acts on findings directly; you do not need a quarterly call with an outside analyst.
The partner program puts the MSP brand on the change report, the MSP domain on the dashboard, and 20 to 30 percent margin in the MSP's pocket. The MSP keeps the customer relationship; Sentinel runs everything else.
Sophos sells a full managed-service portfolio. If the security buyer wants one vendor for endpoint, MDR, and EASM, Sophos answers that question. Sentinel covers only the external attack surface; everything else stays with whoever you trust for the rest of the stack.
Sophos sells through annual contracts, named account managers, and procurement playbooks. If the buying process requires that, Sophos fits. Sentinel ships at credit-card scale and does not chase enterprise procurement.
For the Swiss SMB perimeter, yes. Sentinel uses the public Certificate Transparency stream, crt.sh, ProjectDiscovery Chaos, DNS bruteforce against a curated wordlist, and ASN walk. The Tenable corpus has a larger pre-built internet inventory, which matters for tracking a 5,000-asset Fortune 500 surface; it does not change much for the 30 to 200 assets a typical Swiss SMB exposes.
Sophos Managed Risk pays a team of analysts to read the data, run the quarterly review, and answer customer questions. Sentinel skips that layer. The IT generalist reads the AI-written report and acts on it directly. The audience that wants the analyst conversation is the audience Sophos serves; the audience that wants the data, the alert, and the remediation step in plain language is the audience Sentinel serves.
Sophos does not white-label Managed Risk; they sell it direct. Sentinel ships through the partner program at 20 to 30 percent off retail with the MSP brand on the change report and the MSP domain on the dashboard. The MSP keeps the customer relationship. That is the channel route Sophos does not run in the Swiss SMB segment.
The free scan runs on the IP you connect from. You get the same report shape an Endolum customer gets, in German or English, in 30 to 60 minutes.