Tier 1
Essential Exposure Review
Know where you stand. A clear baseline for businesses that have never had an outside view of their digital exposure.
Who this is for
Small businesses with 5–15 employees that rely on email, a business website, and cloud tools — but have never had a structured review of where they might be exposed. Common triggers: a suspicious email, a client asking about security, or the simple sense that it's time to find out where things stand.
What we review
External exposure review
We map what is publicly visible about your business online — domains, open ports, exposed services — and flag anything that looks exploitable.
Email security configuration check
We review whether your email setup can be spoofed. Scammers often send fake invoices or impersonation emails that appear to come from your domain.
Website and domain scan
We check your website for known vulnerabilities, outdated software, and misconfigured settings that could be exploited.
Credential exposure check
We check whether staff email addresses and passwords have appeared in known data breaches — a common entry point for account takeovers.
Basic access and MFA hygiene review
We assess whether your accounts have multi-factor authentication enabled and whether access controls follow basic security hygiene.
What you receive
- Plain-language summary report
- Prioritized list of top 3–5 fixes ranked by business impact
- Clear description of what each finding means for your business
- 60-minute findings review call to walk through the report together
Note: The Essential Exposure Review covers your external footprint. If you need a deeper look at internal systems, Microsoft 365 configuration, or insurer-readiness documentation, the Business Risk Assessment is the right next step.