Assess · Harden · Document · Operate · Prove

Service catalog.

The service model is built around practical security outcomes: stronger identity, cleaner networks, documented evidence, safer access, and leadership-ready reporting.

Monthly retainers

Foundation Security

Monthly review of Microsoft 365, identity, firewall, endpoint, backup, DNS, asset inventory, and executive reporting. Typical range: $500-$2,500/month.

Managed Security Operations

Hands-on security operations, alert workflow, Intune policy administration, remediation coordination, documentation, and quarterly readiness reviews. Typical range: $2,500-$7,500/month.

Fractional vCISO

Risk register, roadmap, policy governance, vendor risk, cyber insurance support, incident response planning, and executive reporting. Typical range: $3,000-$8,000/month.

Productized projects

Security Baseline Assessment

Identity, endpoint, firewall, backup, network, and risk-ranked roadmap for organizations that need a documented starting point.

Microsoft 365 / Intune Hardening

MFA, conditional access, admin roles, device compliance, security baseline review, and configuration documentation.

PKI / Certificate Authority Design

Vault PKI, ADCS, root/intermediate design, key ceremony checklist, CRL/OCSP roadmap, and lifecycle automation plan.

CMMC Readiness Gap Assessment

Scope review, evidence index, SSP/POA&M starter structure, NIST mapping, ESP documentation, and remediation roadmap.

Proof-of-concept offers

Low-friction POCs give prospects a clear artifact before they commit to an ongoing relationship.

  • PKI Trust Portal POC.
  • CMMC Evidence Starter Kit.
  • Cyber Insurance Readiness Review.
  • Zero-Trust Access Design Sprint.
  • MSP Specialist Partner Sprint.

Scope boundaries

Sanctum SecOps should sell outcomes, not unlimited hours. Every engagement should define scope, client responsibilities, access requirements, out-of-scope items, change control, response expectations, and warranty limitations.