No quotes that require a sales call. No long-term lock-ins. Pick the plan that fits your team size — and get enterprise-grade protection starting the same week.
All plans include a free onboarding security assessment. Pricing based on standard NYC SMB environments. Contact us for exact quotes based on your team size and technology stack.
| Feature | Essentials $799/mo |
Professional $1,499/mo |
Enterprise From $2,499/mo |
|---|---|---|---|
| Assessments | |||
| Security Risk Assessments | ×1 / year | ×2 / year | ×4 / year |
| Penetration Testing | — | — | ✓ Annual |
| Vulnerability Scanning | — | ✓ | ✓ |
| Compliance | |||
| Compliance Gap Analysis | Baseline | ✓ Full | ✓ Full |
| WISP Documentation | Templates | ✓ Maintained | ✓ Maintained |
| Ongoing Compliance Mgmt | — | ✓ | ✓ |
| Vendor / BAA Management | — | ✓ | ✓ |
| Monitoring & Protection | |||
| 24/7 Threat Monitoring | — | ✓ | ✓ |
| MDR Endpoint Protection | — | ✓ | ✓ |
| SIEM Log Aggregation | — | — | ✓ |
| Dark Web Monitoring | — | ✓ | ✓ |
| Training | |||
| Phishing Simulations | Quarterly | Monthly | Unlimited |
| Security Awareness Training | Annual | Quarterly | Custom |
| Bilingual (EN + Mandarin) | ✓ | ✓ | ✓ |
| Response & Support | |||
| Incident Response Plan | — | ✓ | ✓ |
| IR Response SLA | — | 4 hours | 1 hour |
| Monthly Security Report | — | ✓ | ✓ |
| Dedicated Account Manager | — | — | ✓ |
| Support Hours | Business hours | Extended | 24/7 |
Start with a one-time engagement. Many clients begin here and move to a managed plan after seeing what we find.
A full review of your network, devices, policies, and compliance posture. Includes written report with prioritized findings. Ideal first step for any organization.
Simulated attack on your network and/or web applications to identify exploitable vulnerabilities before real attackers do. Required by some insurance carriers.
A single live training session (60–90 min) covering phishing, password hygiene, MFA, and secure work habits. Available in English or Mandarin. Up to 25 attendees.
Standalone compliance gap assessment against HIPAA Security Rule or NY SHIELD Act. Deliverable includes gap report and remediation roadmap.
Active breach or ransomware? We respond immediately for non-retainer clients. Containment, investigation, recovery, and regulatory notification support.
Need something specific that doesn't fit the above? We scope custom projects for policy writing, architecture review, M365 hardening, and more.
We'll review your current setup, identify your top risks, and recommend the right plan — or tell you honestly if you don't need us yet.