This security risk analysis takes the most comprehensive approach to your security posture.
It looks at more than a dozen components of your IT environment by looking at DNS risk assessments, firewall capabilities and practices, disaster recovery policies, vulnerability scans, and more.
Pros & Cons of a Purple Team Hive Assessment
Like any service, our Purple Team Hive Assessments has its pros and cons.
When asking if this is the right IT security risk assessment for your business, we encourage you to think through the following:
Benefits of The KR Group’s Purple Team Hive Assessment
When you sign up for an IT security risk assessment, here are a few pros you can anticipate:
- Comprehensive: This assessment looks over every aspect of your IT environment. Our security team reviews your strengths and weaknesses from both a defensive and offensive approach.
- Risk Rating: Once our security team completes the security risk assessment, they’ll compile their findings and rate each risk and vulnerability on how detrimental it could be to your business.
- Reduction Recommendations: Along with rating your vulnerabilities, our security team also provides written advice on addressing them.
Problems with The KR Group’s Purple Team Hive Assessment
While we truly believe our IT security risk assessment is designed to benefit most businesses, we also know it isn’t perfect. A few common problems include:
- Unsolved vulnerabilities: While this assessment does rate your vulnerabilities and provide ways to address them, it does not actually resolve the issues.
- Time: To be thorough, this IT security risk assessment takes time, generally around four weeks. It is not designed to be a quick fix to security issues, but instead, it will help you devise a strategy to bolster your security posture.
- Expensive: Our Purple Team Hive Assessment doesn’t fit in the budget of every business. We believe it is fairly priced for what it offers, but we also acknowledge it can be expensive for some businesses.
Cost of a Purple Team Hive Assessment
The cost of our Purple Team Hive assessment covers all fees for project management and completion. This varies depending on the size of your IT environment.
There is a base price, which is calculated per user, and any additional site you want to be incorporated into the security assessment adds $700 for each location after the first.
If you opt for a Purple Team Hive Assessment, the base fee starts at a minimum of 200 users. Each user after 200 but before 251 is an average of $75 each. User #251 and beyond costs $15 each.
You should consider the per-user fee as an estimate when calculating the price of a security assessment, though. Pricing can fluctuate up or down based on the complexity of your IT environment.
Timeline for a Purple Team Hive Assessment
As we mentioned earlier, our IT security risk assessment is a thorough yet sometimes lengthy process.
Most Purple Team Hive Assessments take four weeks as our team completes these six phases:
Pre-engagement (1-2 weeks before assessment)
This phase allows our security team to gather all the information they’ll need, have you sign a non-disclosure agreement, and provide contact information and environment-specific information.
Launch day (1 day)
During this phase, our security team will ensure all the information they have about your IT environment correct and officially start the assessment with an external vulnerability scan and creating a Cisco Umbrella account.
On-site analysis (1 day)
For this portion of the assessment, The KR Group’s defensive team looks at how your server, routers, Active Directory, and other networking components are configured. Meanwhile, the offensive team identifies and safely exploits vulnerabilities that may exist in your environment.
Remote analysis (1-2 weeks)
The rest of the assessment takes place remotely. Our security reviews data from phishing campaigns and Cisco Umbrella and continues the manual assessment of your network.
Clean-up (1-2 days)
When our team finishes assessing your IT environment, we’ll close out the project by cleaning up your IT environment and leaving it just as we found it.
Report presentation (1-2 days)
After the assessment work is complete, we’ll compile everything we found into a report. This document is detailed and lengthy, so we’ll also schedule a time to go over it with your team. Once all these steps are complete, you can expect a final follow-up around four weeks later to check if you have any questions or concerns.
Resources about a Purple Team Hive Assessment
For more information about our Purple Team Hive Assessment, check out the following resources:
Request an Estimate
The KR Group is the only IT consulting company that empowers business leaders to make informed technology decisions by providing premium educational resources and personalized services.