Kickoff for new clients
Hi - if you're a new client of mine, our first discussions will cover these items.
Start Here
First, we need to get you on a path to grow security without R10N.
- 👋 Hiring: Planning for IT / security headcount or interim support.
- 📝 Compliance: Discussing whether an early SOC2 is useful or not.
- 😱 Risk Assessment: Prioritizing threats we should worry about.
Fundamentals
We will put high-impact security patterns in place that prevent real-world incidents.
- 🔐 Auth: Segmenting & reducing access and making intrusions difficult.
- 🤐 Secrets: Sane usage of credentials, keys, and passwords.
- 🚒 Incident Response: Plans, logs, playbooks, and exercises.
- ✅ Best practices: Hardening against large classes of attacks.
Advanced
When you're a little farther down the road, we may talk about more involved areas.
- 🔁 Vuln Management: Finding and fixing vulnerabilities, faster.
- 🎣 Trust and Safety: Dealing with abuse, spam, fraud, etc.
- 🚨 Detection: Alerting for potential intrusions or insiders.
We can talk about anything you don't see on this list.