VitalSigns are rapid, focused engagements that generate near-term, tactical responses to specific cybersecurity challenges.

The VitalSigns program is organized around three themes:


Organization VitalSigns

Organization VitalSigns are focused on the overall health of the organization's security program.

Enterprise Security VitalSigns

  • Description: Rapid assessment of key security indicators for large enterprise businesses.
  • Scope: Analysis across five dimensions: Governance, Operations, Architecture/Technology, Personnel, and Responsiveness.
  • Deliverables: VitalSigns Report with Summary Report Card, Next-steps Recommendations.
  • Pricing: Fixed price engagement. Please contact us for more information.

SMB Security VitalSigns

  • Description: Rapid assessment of key security indicators for small-to-medium sized businesses.
  • Scope: Analysis across five dimensions: Governance, Operations, Architecture/Technology, Personnel, and Responsiveness.
  • Deliverables: VitalSigns Report with Summary Report Card, Next-steps Recommendations (tactical plan).
  • Pricing: Fixed price engagement. Please contact us for more information.

Cloud Security VitalSigns (Hyper-extended Organizations)

  • Description: Rapid assessment of key indicators for security of cloud-based services.
  • Scope: Analysis across five dimensions: Asset Management, Organization, Data Management, Processes, and Service Level Agreements.
  • Deliverables: VitalSigns Report with Summary Report Card, Next-steps Recommendations (tactical plan).
  • Pricing: Fixed price engagement. Please contact us for more information.

Technology VitalSigns

Mobile Security VitalSigns

  • Description: Rapid assessment of key security indicators for mobile devices and computing.
  • Scope: Analysis across four dimensions: Policy, Configuration, Access Control, Data Management.
  • Deliverables: VitalSigns Report with Summary Report Card, Next-steps Recommendations (tactical plan).
  • Pricing: Fixed price engagement. Please contact us for more information.

Identity and Access Management (IAM) VitalSigns

  • Description: Rapid assessment of key security indicators for identity and access managemenet systems.
  • Scope: Analysis across four dimensions: identity data infrastructure, identity administration, access management, and identity audit.
  • Deliverables: VitalSigns Report with Summary Report Card, Next-steps Recommendations (tactical plan).
  • Pricing: Fixed price engagement. Please contact us for more information.

Security Portfolio VitalSigns

  • Description: Rapid assessment of key security indicators for security technology selection, effectiveness, and fit-to-purpose.
  • Scope: Analysis across five dimensions: Fit-to-purpose, Licensing/Maintenance, Modernity, Personnel, Selectivity.
  • Deliverables: VitalSigns Report with Summary Report Card, Next-steps Recommendations (tactical plan).
  • Pricing: Fixed price engagement. Please contact us for more information.

Software Assurance VitalSigns

Software Development Lifecycle (SDLC) VitalSigns

  • Description: Rapid assessment of key security indicators for secure software development.
  • Scope: Analysis across four dimensions: Governance, Intelligence, Practices, Deployment.
  • Deliverables: VitalSigns Report with Summary Report Card, Next-steps Recommendations (tactical plan).
  • Pricing: Fixed price engagement. Please contact us for more information.

Application Source Code VitalSigns

  • Description: Rapid assessment of key security indicators for software application source code.
  • Scope: Source code analysis testing for OWASP Top 10 vulnerabilities. Languages: C/C++, .NET (C#/VB.NET), Java, Perl, PHP.
  • Deliverables: VitalSigns Report with Summary Report Card, Next-steps Recommendations (tactical plan).
  • Pricing: Fixed price engagement. Please contact us for more information.

Web Application VitalSigns

  • Description: Rapid assessment of key security indicators for web applications.
  • Scope: Remote security assessment of web applications testing for OWASP Top 10 vulnerabilities.
  • Deliverables: VitalSigns Report with Summary Report Card, Next-steps Recommendations (tactical plan).
  • Pricing: Fixed price engagement. Please contact us for more information.


Actionable, tactical plans derived from rapid, focused assessments using key security indicators.