Foundation
One-time security assessments that give you a clear picture of your risk posture. Perfect for businesses that need a pentest for insurance, want to know where they stand, or are preparing for compliance.
$2,500 – $20,000 • One-Time Engagement
What's Included
- External Penetration Testing — We simulate real-world attacks against your internet-facing systems. You get a detailed report with CVSS-scored vulnerabilities, proof-of-concept evidence, and prioritized remediation steps.
- Vulnerability Assessment — Automated and manual scanning of your environment to identify known vulnerabilities, misconfigurations, and security gaps.
- Security Posture Review — We evaluate your current security controls against industry frameworks (NIST, CIS) and provide actionable recommendations.
- Compliance Gap Analysis — For HIPAA, PCI-DSS, CMMC, or SOC 2 — we identify what you have, what you're missing, and what it takes to close the gaps.
- Executive Summary Report — A plain-English document for leadership that explains risk in business terms, not technical jargon.
- Insurer-Ready Documentation — Reports formatted to satisfy cyber insurance requirements. Hand it directly to your broker or underwriter.
Why it matters: 44% of cyber insurance claims are denied for inadequate security controls. A Foundation engagement gives you the documentation to prove you're protected — before you need to file a claim.
Who It's For
- Businesses approaching cyber insurance renewal
- Companies that have never had a professional security assessment
- Organizations responding to client or vendor security questionnaires
- Businesses preparing for compliance audits (HIPAA, PCI, SOC 2)
- Companies that experienced a close call and want to know their actual risk
Deliverables
- Penetration Test Report (technical + executive summary)
- Vulnerability Assessment Results
- Prioritized Remediation Roadmap
- Compliance Gap Analysis (if applicable)
- Insurance-Ready Documentation Package
- 30-day follow-up to verify remediation
Timeline
Most Foundation engagements complete in 2-4 weeks depending on scope:
- Week 1: Scoping, contracts, and reconnaissance
- Week 2-3: Active testing and assessment
- Week 3-4: Report generation and delivery
- +30 days: Remediation verification
Pricing
Foundation engagements range from $2,500 to $20,000 depending on:
- Number of external IPs and web applications
- Scope of internal assessment (if included)
- Compliance frameworks involved
- Complexity of your environment
We provide fixed-price quotes after a free 30-minute scoping call. No surprises.
Find out where you stand.
Free 30-minute scoping call. We'll understand your environment, discuss your goals, and provide a fixed-price quote.
Schedule Scoping Call