A fixed-fee proposal specific to your goals, with clear deliverables, milestones, and timeline. Scoped after a technical discovery session. You'll have a fixed number before any work begins.
PRICING
Security execution for teams under pressure.
Fixed scope. Fixed fee. No hourly surprises.
START WITH A SPECIFIC OUTCOME
Most teams start here.
A customer asked for your SOC 2. A deal is stalled in procurement. Your cloud environment needs hardening before the audit window opens. We scope it, fix it, and hand you a security posture you own. Fixed fee. Fixed timeline. No surprises.
Most clients come to us because a deal is already waiting.
Common starting points:
- HIPAA readiness
- SOC 2 readiness
- Cloud security hardening
- Baseline security assessment
- Incident response readiness
ONGOING SECURITY OWNERSHIP
For teams that need more than a one-time fix.
We own the program, manage the stack, and stay accountable month to month. No handoff reports. No hourly invoices.
Core
Starts at $6,500/month
Best for: Teams building their security foundation and preparing for compliance audits.
Primary outcome: A clear risk baseline, prioritized backlog, and control foundation your team can sustain.
- Security program baseline and prioritized risk backlog
- Policy set + evidence workflow for SOC 2 / HIPAA readiness
- Monthly risk review and leadership reporting
- Email + Slack support + scheduled advisory sessions
Operational
Custom
Best for: Teams scaling quickly with growing customer security demands.
Primary outcome: An operational security program with stronger response capability and tighter control ownership.
- Everything in Core
- Detection and response tuning, incident workflow ownership
- Identity, MDM, and onboarding/offboarding hardening
- Bi-weekly working sessions with engineering and IT leads
- Dedicated Slack channel with guaranteed next-business-day response
Executive
Custom
Best for: Teams that need a CISO and a security team without the full-time hire.
Primary outcome: Fractional CISO-level direction with hands-on support to move high-priority security initiatives.
- Everything in Operational
- Fractional vCISO support and board-level risk reporting
- Vendor risk and customer security questionnaire ownership
- High-priority response support and strategic planning cadence
- Dedicated Slack channel with same-day response on critical issues
- Quarterly strategic security review with board-ready materials
Final monthly investment scoped to your environment, complexity, and implementation depth. Proposals delivered within 48 hours of discovery.
Not sure where to start?
- A customer asked for our SOC 2 or HIPAA certification → Start with a project engagement
- We're scaling and security is becoming a sales blocker → Start with Operational
- We have no security program and need to build one → Start with Core
- We need a CISO-level leader without the full-time hire → Start with Executive
Recent outcomes clients report
- HIPAA audit-ready posture delivered in under 14 weeks for a pre-Series A health tech company.
- SOC 2 audit-ready posture in under six months for an early-stage SaaS team.
- Proposal turnaround within 48 hours and kickoff in 1–2 weeks for active deals.
- Clear monthly risk reporting for leadership instead of ad hoc security updates.
What happens next
- Discovery call to confirm environment, priorities, and constraints.
- Proposal in 48 hours with tier recommendation and milestone plan.
- Kickoff in 1–2 weeks with implementation ownership from day one.