Sample Report Request Assessment
Resources

Guides & Checklists
Built from real assessments

These guides and checklists are distilled from real-world attack surface work, incident readiness projects, and vCISO engagements. They’re meant to be practical: something a security lead, IT admin, or founder can actually use this week.

Actionable, not academic M365, Entra ID & SaaS aware Supports NIST & CMMC

Use these as starting points. In our engagements, we tune them to your environment, compliance drivers, and the way your team actually works.

Featured

High-impact guides & checklists

These are the assets we most often use to help teams move from “we should do this” to “we’ve actually done it.”

Checklist

Ransomware Readiness Checklist

A one-page view of the controls, backups, identity safeguards, and playbook components that matter most when ransomware moves from theory to “this morning.”

  • Backups, restores, and isolation
  • MFA, privileged access, and CA policies
  • IR contacts, decision makers, and outside counsel

View basic checklist (HTML) →

Guide

M365 / Entra ID Hardening Guide

A practical sequence for tightening Microsoft 365 and Entra ID without breaking the business, focused on real-world abuse paths.

  • Baseline Conditional Access policy set
  • Admin account model and break-glass controls
  • High-value telemetry to surface and monitor

View guide (HTML) →

Checklist

Incident Response Quick-Start

A short, opinionated checklist to ensure you can move quickly in the first 60–90 minutes of an incident, even if the situation is incomplete and noisy.

  • Who gets called and on what channel
  • What gets preserved and logged first
  • When and how to pull in outside help

View checklist (HTML) →

Catalog

Guides & checklists by domain

A sample of the assets we use in assessments, vCISO engagements, and incident readiness programs. In client work, these are tailored to your environment and risk profile.

Title Domain What it helps you do Format
Ransomware Readiness Checklist Incident readiness Validate that backups, access controls, and playbooks are ready for a real event. Checklist (1–2 pages)
M365 / Entra ID Hardening Guide Identity & cloud Sequence identity and tenant changes to reduce account takeover and lateral movement. Guide (6–10 pages)
Vendor / SaaS Intake Checklist Third-party risk Standardize questions for new SaaS and vendors before data or access is granted. Checklist (2 pages)
IR Quick-Start Worksheet Incident response Capture who does what, where evidence lives, and how decisions get made. Worksheet
Security Governance Starter Checklist Governance & compliance Align basic policies, ownership, and metrics with frameworks like NIST CSF and CMMC. Checklist (2–3 pages)
Using these assets

Turn checklists into real change

A checklist is only useful if it leads to decisions, owners, and deadlines. Here’s how we recommend using these in your own environment.

Start with one domain

Don’t try to run every checklist in one sitting. Start with the domain that maps most directly to your current pain: identity, cloud, ransomware, or vendor risk.

Assign owners & timelines

For each item, identify a single accountable owner and a reasonable timeframe. The goal is to create momentum, not a backlog of “someday.”

Loop back into your runbooks

Where an item touches incident response, change management, or onboarding, update the relevant runbook so improvements stick.

Want these guides tuned to your environment?

In an assessment or vCISO engagement, we adapt these checklists to your stack, your compliance drivers, and your risk appetite—then help you execute.

View Sample Report Talk with a Security Lead