Romain F.

For SME leaders seeking a fast, clear, and actionable overview of their cyber risk exposure.

Our approach:

1. Kick-off Interview (20-30 min)
   Understand your infrastructure, exposed services (servers, cloud, Microsoft 365, VPN, website), and existing security measures.
2. External Technical Scan (45-60 min)
   Analyze your attack surface: open ports, exposed services, vulnerable software versions, remote access (RDP, VPN, SMB), and email configuration (SPF/DMARC/DKIM).
3. Maturity Assessment (20 min)
   Check the fundamentals: multi-factor authentication, backups, endpoint protection, admin account management, and employee awareness.

Your deliverable:

• Cyber risk score: Low / Medium / High
• Top 5 critical vulnerabilities
• 5 immediate corrective actions (quick wins)
• Executive summary for presentation to the management team

In just 2 hours, know whether your company is an easy target and which priority actions to take—a perfect first step before a full-scale audit.

For SMEs with a structured IT environment (Active Directory, Microsoft 365, servers) seeking a detailed assessment of internal and external vulnerabilities.

Our approach:

1. Structured Scoping (30–45 min)
   Define audit scope (Active Directory, Microsoft 365, internal network, cloud hosting) and identify critical assets (ERP, HR data, financial systems) to prioritize the analysis.
2. In-Depth Technical Audit (2 hours)

• Active Directory: privileged accounts, hidden administrators, weak or compromised passwords, critical GPO review.
• Microsoft 365 / Cloud: Secure Score, multi-factor authentication, external sharing, guest accounts, conditional access.
• Infrastructure: internal/external vulnerability scans, obsolete services, network exposure (RDP, SMB, VPN).

3. Organizational Audit (45 min)
   Evaluate cyber governance: existence of policies (PSSI), access management, backup/restoration processes, IT vendor management, user awareness.
4. Risk Analysis & Scoring (30 min)
   Construct risk matrix (impact × probability) and compute cyber maturity score (0–100).

Your deliverable:

• Executive summary for management
• Detailed technical analysis by domain
• Risk matrix with prioritized vulnerabilities
• Cyber maturity score
• 90-day action plan with effort estimates

Gain a comprehensive view of your security posture with a prioritized action plan, perfect for budgeting cybersecurity investments or justifying initiatives to your board.