Onboarding scope

What's included in your first 30 days.

Transparency upfront, no surprises later. Here's exactly what we'll do together in your first month — and what's outside the standard scope so you can decide before you subscribe.

Included in your first month

  • One 30-minute kickoff call over Google Meet to walk through your scan, agree priorities, and split up the work.
  • Email authentication setup — SPF, DKIM, and DMARC configured with your email provider so scammers can't impersonate your domain.
  • Domain protection — transfer lock enabled, DNSSEC turned on, registrar account hardened.
  • WordPress hardening (if applicable) — admin login protection, version exposure removed, plugin and theme audit.
  • Google Business Profile cleanup — with your access, we verify the listing is yours, fix mismatched contact info, and address takeover risks.
  • Password rotation walkthrough — for any accounts our breach check flagged. We walk you through it; we don't take your passwords.
  • Async email support through the month, with a one business day response time.
  • End-of-month rescan and a fresh report showing what changed.

Not included — happy to scope separately

  • Active incident response — suspected compromise, malware cleanup, ransomware. If something is on fire, we'll refer you to a specialist.
  • Custom infrastructure work — migrating to a new host, setting up a CDN from scratch, rebuilding email entirely.
  • Staff security training — phishing tests, training videos, policy authoring.
  • Anything requiring more than about three hours of synchronous time. Most of the work happens async — we'll loop you in for decisions, not babysitting.
  • Compliance certifications — SOC 2, HIPAA, PCI assessments. We can point you to people who do this.

How the work actually happens

  • Week 1 — kickoff call, intake form reviewed, top three fixes agreed.
  • Week 2 — async fixes underway. We handle the backend (DNS, registrar, email auth). You handle anything that needs your login (Google Business Profile, password changes).
  • Week 3-4 — remaining cleanup, validation that the fixes stuck, any handoffs.
  • Day 30 — fresh scan and the first monthly report lands in your inbox.
  • Month 2 onward — continuous monitoring, monthly report, alerts within one business day when something changes.
Start your subscription — $49/month
No setup fees. No long-term contract. Cancel any time.