DTC & Black Talon
DTC & Black Talon
DTC Security Services vs Black Talon Security
A comparison of DTC's security offerings against Black Talon Security for transparent positioning and sales conversations.
Service Comparison
| Service Category | DTC Security Services | Black Talon Security |
|---|---|---|
| Endpoint Detection & Response | ✅ MDR (Managed Detection & Response) included in base managed services | ✅ XDR (Extended Detection & Response) |
| Vulnerability Scanning | ✅ MDR add-on - Human-led remediation with DTC-scored vulnerabilities; powered by industry-leading MDR platform | ✅ Internal/external scanning with autonomous remediation |
| Fleet-Wide Vulnerability Remediation | ✅ Included in base - If a vulnerability impacts all clients and remediation is realistic with no negative impact, we fix it (it's the right thing to do) | ❌ Not mentioned |
| Third Party & OS Patching | ✅ Included in base - Industry-specific scoring and nuances; custom policies available with consultation | ❌ Not mentioned |
| Firewall Management | ✅ Included in base - DTC-leased or client-managed; policies, config, and updates fully managed | ❌ Not mentioned |
| Zero Trust Network Access | ✅ Add-on - Cloudflare ZTNA platform | ❌ Not mentioned |
| Remote Console Access | ✅ Add-on - MFA/Passkey protected via NinjaOne RMM | ❌ Not mentioned |
| Penetration Testing | 🔜 OpenText partnership planned | ✅ Human-led penetration testing |
| vCISO (Virtual Chief Information Security Officer) | ✅ Included with MDR add-on | ✅ vCISO as separate offering |
| M365 / Google Workspace Threat Protection | ✅ Add-on - Automated account locking, integrated with MDR; powered by multiple security providers | ❌ Not specifically mentioned |
| SIEM / Log Management | ✅ Add-on - AI-Powered SIEM for compliance & incident response | ❌ Not specifically mentioned |
| Security Awareness Training | ✅ Add-on - Powered by Huntress EDU | ✅ Cybersecurity awareness training |
| Phishing Simulations | ✅ Add-on - Included with Huntress EDU | ✅ Simulated phishing attacks |
| Email Security | ✅ Add-on - Microsoft Defender or OpenText Email Threat Protection | ❌ Not specifically mentioned |
| Dark Web Monitoring | ✅ MDR add-on - Powered by MDR platform + 🔜 1Password credential monitoring | ✅ Dark web scanning |
| Password Management | 🔜 1Password as a service (partnership planned) | ❌ Not mentioned |
| Incident Response | ✅ SIEM assists with incident response | ✅ Dedicated incident response service |
| Forensic Analysis | ⚠️ SIEM supports it, not offered as service | ✅ Forensic investigations offered |
| Ransomware Recovery | ✅ Work with client's cyber insurance provider | ✅ Ransomware recovery service |
| Device End-of-Life Tracking | ✅ Via RMM (standard MSP service) | ✅ Device EOL identification |
| Unified Dashboard | 🔜 Customer portal in development | ✅ EAGLEi platform |
| Reporting | ✅ Reports from all services | ✅ Via EAGLEi platform |
Key Differentiators
DTC Strengths
- Full MSP relationship - security is part of IT management, not a bolt-on
- MDR bundled with base managed services
- Proactive patching - Third party apps & Windows OS patched based on industry-specific scoring; custom policies available
- Fleet-wide vulnerability remediation - If it impacts all clients and we can fix it safely, we do it as part of standard service
- Firewall management - DTC-leased or client-managed; fully managed policies, config, and updates
- Zero Trust Network Access - Cloudflare ZTNA platform
- Secure remote access - MFA/Passkey protected console access via NinjaOne
- M365 & Google Workspace threat detection with automated response
- AI-powered SIEM for compliance
- Human-led vulnerability decisions - your Account Manager (AM) and our engineers work with you directly
- Ransomware recovery through proper channels (cyber insurance)
- Upcoming partnerships filling gaps (1Password, OpenText pen testing)
Black Talon Strengths
- Human penetration testing (available now)
- Forensic investigations as a service
- Unified dashboard (EAGLEi) already live
The Bottom Line
Black Talon sells security products. DTC is your MSP - security is integrated into the relationship.
When you work with DTC, you're not just buying a product - you're getting a managed service. Your account manager works with you on vulnerability decisions, compliance requirements, and security strategy as part of the ongoing relationship.
Notes
- DTC will not negotiate with ransomware actors - cyber insurance providers make those decisions
- All vulnerability scoring is done by DTC; clients work with their Account Manager (what we call vCIOs/vCISOs) on remediation decisions for in-production or unsupported software
- Account Managers work directly with our engineers - if a vulnerability can't just be remediated, we'll be on the phone with the client and Account Manager explaining why and working through options together
Working with Black Talon
DTC will collaborate with Black Talon when a client uses their services. However, this work requires engineer time (not service desk) and involves tools outside our standard stack. As such, consulting fees will apply for client-specific issues that require DTC involvement with Black Talon's platform or services.
We're happy to work together - just not for free.
March 2026 Update — Blackpoint CompassOne & Expanded Comparison
This section reflects updates to Blackpoint's platform (CompassOne, launched April 2025 at RSAC) and expanded competitive intel on Black Talon. Merge into the main comparison table above when ready.
Blackpoint CompassOne Tiers (What DTC Has Access To)
Blackpoint rebranded their platform as CompassOne with three tiers:
| Tier | What's Included |
|---|---|
| Essentials | Endpoint MDR and/or Cloud MDR. 24/7 SOC, patented EDR agent, identity detection & response. Month-to-month available, volume pricing at 50+ endpoints w/ 1-year commitment. This is the ~$20/month tier for budget-conscious clients. |
| Core | Everything in Essentials + Vulnerability Management, Application Control, Asset Inventory, Cloud Posture Management, Security Posture Rating, Tenant Administrator |
| Standard | Everything in Core + LogIC (SIEM with 365-day log storage), compliance mapping, full unified security posture management |
DTC's full security stack clients are on CompassOne Standard (or equivalent feature set via our multi-vendor approach).
New Comparison Rows (Add to Main Table)
| Service Category | DTC Security Services | Black Talon Security |
|---|---|---|
| Application Control | ✅ CompassOne Standard — SOC-curated app block rules, global + client-specific policies, zero-trust application enforcement | ❌ Not offered |
| Cloud Posture Management | ✅ CompassOne — Continuous M365 config monitoring, drift detection, policy change alerts, misconfig remediation guidance | ❌ Not offered |
| Security Posture Rating | ✅ CompassOne — NIST-based maturity scoring per client, benchmarking across attack surface areas (cloud, endpoint, vulnerabilities), maturity stage tracking | ✅ EAGLEi dashboard provides visual risk scoring |
| Asset Inventory | ✅ CompassOne — Full attack surface visibility: devices, identities, applications, SaaS accounts in one view | ⚠️ Limited — device EOL tracking only |
| Identity Detection & Response | ✅ Included — Cloud + on-prem identity monitoring, automated M365 account locking (locks a compromised account every ~30 minutes across their SOC) | ❌ Not specifically offered |
| HIPAA/Compliance Certifications | ✅ CMMC policy framework documented, HIPAA operational compliance built into SOPs, cyber insurance SOP (Hartford) | ✅ HCISPP-certified staff, HIPAA compliance focus |
| Cybersecurity Awareness Training | ✅ Add-on — Huntress EDU (training + phishing sims) | ✅ Black Talon Academy (training + phishing sims) |
| Security Risk Assessment | ✅ Network Assessment & Technology Evaluation SOP v3.0 — standardized intake and scoring | ✅ Formal SRA offered as a service |
Updated Rows (Corrections to Main Table)
Unified Dashboard: Change from 🔜 to ✅ — CompassOne is live. Security Posture Rating, asset inventory, tenant admin, vulnerability management, and MDR all visible from a single platform. Client-facing portal with reporting is operational.
Vulnerability Scanning: Strengthen the DTC description — "✅ CompassOne Standard — Contextual vulnerability prioritization (correlates vulns with asset criticality, exploitability, and threat activity), internal/external scanning, automated patch deployment. On top of platform scanning, DTC applies its own Patch Priority Score (PPS) formula with human review before any patch is approved."
SIEM / Log Management: Update to reference LogIC specifically — "✅ CompassOne Standard — LogIC SIEM with 365-day log retention, automated compliance mapping, real-time event collection. Feeds into SOC for unified visibility across firewalls, EDR, and vulnerability scanners."
DTC's Patch Priority Score (PPS) — Detail for Sales Conversations
DTC doesn't blindly auto-patch. Every vulnerability goes through a weighted scoring formula:
PPS = (CVSS × 0.6) + (Known Exploits × 1.5) + (Ease of Exploit × 1.5) + (Exploit Age × 1.0)
| PPS Score | Priority | SLA |
|---|---|---|
| 9.0 – 10.0 | Critical | Patch within 24 hours |
| 7.0 – 8.9 | High | Patch within 7 days |
| 4.0 – 6.9 | Medium | Standard patch cycle |
| < 4.0 | Low | Patch as needed |
All patches are rejected by default. The Code Commanders team manually reviews every Patch Tuesday release using The Hacker News, Bleeping Computer, 0dayfans, Reddit mega threads, and patchtuesday.com before approving anything. If a patch causes 5+ incident tickets, it becomes a Problem and gets rolled back immediately.
This matters because dental software compatibility is fragile. You can't just auto-approve a .NET update when Dentrix G7 has specific version dependencies. DTC's engineers understand this. Black Talon's "autonomous remediation" doesn't account for it.
Expanded Black Talon Intel
- Company size: ~$22M revenue, 15 employees, HQ in Katonah, NY with Boca Raton office
- Positioning: "Your IT company is NOT equipped to handle threats. You need IT AND a cybersecurity company." They explicitly sell separation of duties between IT and security as a requirement.
- EAGLEi platform: Single pane of glass for vuln management. Scans endpoints every 4 hours, firewalls daily. Autonomous patching. Pen testing, SRA, dark web monitoring, phishing simulation all integrated.
- Pricing model: Not public. Reseller markup of 50-100% for MSP partners. No minimum purchase.
- Dental focus: Claims to secure 35,000+ devices in dental space. Endorsed by AAO, OMSNIC, multiple state dental associations. CEO Gary Salman is visible in the DSO conference circuit.
- Key weakness: They are NOT an MSP. They don't manage infrastructure, backups, servers, workstations, or dental software. They layer on top of whoever is doing the IT work. When their scan finds a vuln, someone else has to fix it. With DTC, the team that finds the vuln IS the team that fixes it.
- DSO play: They target DSOs specifically, offering to audit the MSP. Their pitch to DSO leadership: "Your IT company doesn't know what they don't know. We audit them." DTC's counter: we welcome audits because our stack is documented, scored, and defensible.
Blackpoint Published a DTC Success Story
Blackpoint published a case study featuring Scott Leister (Senior Systems Engineer at DTC) on their website in September 2025. Title: "DTC Strengthens Cybersecurity for Budget-Conscious Clients with Blackpoint MDR Essentials." This is useful for sales conversations — our MDR vendor publicly validates DTC's approach. Link: https://blackpointcyber.com/success-story/dtc-strengthens-cybersecurity-for-budget-conscious-clients-with-blackpoint-mdr-essentials/