Infosec Coaching Session
1:1 or 1-many Coaching call for you to ask any question you have where you need expert security advice. We can be strategic and go over your security strategy deck, or tactical and review your GSuite or AWS Accounts for security and best practices.
Security Questionnaire Coaching
You are a SaaS startup that is working with Enterprise customers. The buyer loves your product and wants you on-board, but wait… there’s this security questionnaire they you to fill out. Turns out the questionnaire is 20 pages long and quite overwhelming! You fill it out and feel like you could do better than just answering a “No” to all the questions.
We have been on the other side in Enterprises asking companies to fill those questionnaires.
Over a 2 hour video session we will walk through the security questionnaire together and provide clarification on any questions you may have. Also provide unlimited support via email for one week after the initial session.
- Real-time security guidance for each question from an expert who’s been “on the other side”.
- A forum for me to understand your environment a little better to and provide security guidance.
- Feedback on what you can do in your environment with minimal time investment to answer “Yes” to some questions and improve your security.
Coaching Session + Active Negotiation
All of the above, and function as the external facing security person with your future enterprise customer / partner for a period of two weeks. A good idea before spending time on a questionnaire is to gauge how the security team will react if there are too many “No’s” in the questionnaire. Much of the process is really about negotiation and reaching a middle ground that the security team will be happy about.
You may be a startup that takes security seriously, but that might not show in the questionnaire, so having a security expert on hand can provide that assurance.
You might be a startup that doesn’t all the security controls from SOC2 and PCI implemented and have answered the questionnaire honestly and are looking for someone to help negotiate and navigate your security posture. You are willing to make short term changes in your environment to improve your security.
- Meet with your partner / customer’s security team or business partner prior to completing the questionnaire discovering their priorities for security.
- Complete the questionnaire during a coaching session.
- Follow up with security team to resolve any potential issues from the questionnaire.
No guarantees are made for approval from partner/customer security team, but we will do our best.
Datacenter to Cloud Migration Strategy Session
Designed for organizations established in data centers that have not yet migrated to the AWS cloud and are considering migration to the cloud or at least a hybrid environment.
- Review your environment in detail with your engineers.
- Review your current security architecture.
- Discuss how your security can be solved in AWS.
- Provide guidelines and recommendation to ensure best practices and security.
Need a whitepaper detailing your security practices and posture?
AWS Security Reference Architecture
We review your current cloud security footprint and report back to you any security gaps that exist. We provide process and governance recommendations to help prevent any future identified security gaps. We also design a reference security architecture based on your current and expected 1 year environment.
- Review your environment in detail with your engineers.
- Review your current security architecture and requirements.
- Recommend security practices based on identified risk.
- Translate how your security can be solved in AWS.
- Provide a reference architecture diagram for your engineers to build against.
Cloud Security Operationalization
Don’t think you have your cloud security in order? Need help prioritizing your cloud security needs? Not sure where to start?
We function as your virtual Director of Cloud Security Engineering and help architect and operationalize security for your AWS environment. We work directly with your cloud engineers providing guidance and thought leadership on an ongoing basis. Need help building out your team or hiring a full-time Cloud Security Leader, we can do that too!
Virtual CISO Advisory
The Virtual CISO provides strategic executive level information security guidance aimed at increasing the security maturity of your organization.
Are you a CTO/CIO/CFO tasked with security? Are your Information Security needs growing, but don’t need a full-time CISO or Head of Security yet?
Functioning at the enterprise level, we provide Information Security guidance at the executive level and relieve you of the burden of Information Security so you can focus on growing your business.
Various levels starting at $3,500/mo. See details here.
Cloud Security Training
Need to train your team on Cloud Security concepts? We have One day and Two day training options for you and your team.
Contact Us for pricing.
Enterprise Security GAP Analysis
Don’t know where your unknown unknowns are? Not sure where to start towards maturing your security? Get clarity – start here!
Designed to give organizations a deep understanding of their current Information Security Maturity. After interviewing major components of your organization and performing a technical review of your infrastructure, we provide a zero-fluff tactical and actionable report presented to your C-Suite that will feed into your yearly security strategy.
Our reports have a proven record of increasing the security maturity of organizations.
Included 1 month of Virtual CISO – Basic after delivery of report.