Cyber Hygiene Assessments

A tiered, onsite security health check for SMBs. Each package scales from a quick checkup to an executive‑level resilience program—priced to be accessible and inclusive of travel for non‑local clients. Our approach leverages proven open‑source tools interpreted by expert consultants, ensuring results are practical and vendor‑agnostic.

Tier 1

Crash Course Checkup

Quick baseline with open‑source scans and a letter‑grade scorecard.

Starting at $3,900
  • Onsite (or virtual) walkthrough + 1–2 stakeholder interviews
  • Open‑source baseline scan (Nmap, SpiderFoot)
  • Report card with Letter Grade (A–F) + top 5 fixes
  • Readout & Q&A for leadership

Tier 2

Two Step Security Fitness

Expanded review, awareness mini‑training, and open‑source vulnerability scanning.

Starting at $8,900
  • Everything in Tier 1
  • Expanded interviews across departments
  • Policy & vendor/tool review + quick gap analysis
  • Security awareness mini‑session (30–45 min)
  • External vulnerability scan + risk heatmap (OpenVAS/Greenbone)
  • Expanded report + prioritized roadmap

Tier 3

Grey Street Resilience

Executive‑level depth, custom training, and optional outsourced pen test.

Starting at $16,900
  • Everything in Tier 2
  • Executive/Board presentation with industry benchmarks
  • Security tool & vendor recommendations mapped to need
  • Third‑party risk snapshot (SaaS & vendors)
  • Custom awareness training with phishing demo (GoPhish)
  • Optional outsourced penetration test orchestration (ZAP, Amass, partner firms)
  • 12–18 month security roadmap with cost/impact tiers

À la carte

Bundle discounts with Tier 3

Phishing Simulation Campaign

Test staff with safe phishing emails (GoPhish) and provide a fail-rate report.

$2,500

Password & Access Audit

Review of MFA coverage, stale accounts, and privileged roles using open-source checks.

$2,000

Cloud Security Quick Check

Lightweight AWS/Microsoft 365 review (ScoutSuite, Prowler, Secure Score).

$2,500

Incident Response Playbook

Custom IR plan and workshop to prepare your team for real-world events.

$3,000

Endpoint Baseline Audit

Check patch levels, EDR/AV presence, and encryption status across devices.

$2,000

Vendor/SaaS Risk Snapshot

Quick OSINT-based review of top vendors’ practices and risks.

$2,000

Penetration Testing (Application or Network)

Targeted penetration testing of applications or networks. Engagements start at $5,000, with scope and complexity determining the final price.

Starting at $5,000

Security Awareness Training Workshop

Interactive, instructor-led session tailored to your staff, covering phishing, password hygiene, and safe remote work.

$3,000

Policy & Compliance Package

Editable policy templates with advisory support to align with NIST CSF, ISO 27001, or SOC 2 requirements.

$3,500

Notes & Assumptions

Ready to level up your security hygiene?

Please include your company size, primary platforms (O365, Google, AWS, etc.), and scheduling preferences. We’ll confirm next steps within one to two business days.