What we offer

Services built for small businesses.

Every service is designed as a one-time engagement — standalone or as an add-on to a Security Assessment. No retainers, no long-term contracts. Just clear, useful work.

Core service

Start here.

The Security Assessment is the foundation. Everything else builds on it.

Core service

Security Assessment

A full review of your security posture — email, network, devices, data practices, and staff habits — with a plain-English risk report and a prioritized action plan. Conducted entirely remotely. Designed for businesses with up to 20 staff.

Flat rate · $500 · up to 20 staff · one-time · renewal available

See full details →

Sample Report — Risk SummaryAcme Dental · 2025

High

Staff email not using two-factor authentication

Next step: Enable 2FA in email admin settings (15 min)

Medium

Website contact form transmitting data without encryption

Next step: Install SSL certificate (free via your web host)

Low

No written password policy for staff

Next step: We can draft one for you as an add-on

Add-on & standalone services

Go deeper where you need to.

Each of these can be added to a Security Assessment at a reduced rate, or engaged on their own.

Vulnerability Scan

Automated scanning of up to 10 assets against the NIST CVE database to surface known weaknesses and outdated software.

Add-on or standalone · up to 10 assets

Learn more →

Attack Surface Assessment

Scanning of your website and web applications for OWASP vulnerabilities, misconfigurations, exposed admin panels, and other public-facing gaps.

Add-on or standalone · up to 3 domains

Learn more →

Security Policy Writing

Custom plain-language security policies for your business. Choose the policies you need — from a single document to the full suite of 7.

Add-on or standalone · choose 2, 4, or all 7 policies

Learn more →

Coming soon

In development.

These services are on the roadmap. Get in touch if you’re interested — early access may be available.

Coming soon

Phishing Simulation

Safe, controlled phishing emails sent to your staff to identify who’s vulnerable and where awareness training is needed most.

Per campaign

Coming soon

Incident Response Playbook

A step-by-step guide for what to do when something goes wrong — ransomware, a data breach, a stolen device.

Add-on or standalone

How services work together

Build the right engagement.

Most clients start with a Security Assessment and add services based on what we find together.

Just getting started

A Security Assessment on its own gives you a complete picture of your risk and a clear action plan — the best first step for any small business that hasn’t had a professional security review.

Most comprehensive

Security Assessment + Vulnerability Scan + Attack Surface Assessment covers your people, devices, and web presence — the most complete view of your risk surface available.

Assessment + documentation

Security Assessment + Security Policy Writing turns findings into enforceable rules your team can follow — ideal for businesses preparing for cyber insurance, new staff, or a compliance review.

Not sure where to start?

We’ll help you figure out the right combination for your business — no pressure, no upsell.

Talk to us →