Hurricane Season is Active (Jun–Nov). South Florida businesses: rushed remote work setups and backup failures create major attack windows. Get a pre-season audit before it's too late →
Services & Pricing

Security Services Built
for Real Businesses

Flat rates. Written authorization before anything starts. Delivered with a full report and exact fix commands for every finding. No enterprise bloat, no vague recommendations.

Core Services

What's Included
In Every Engagement

01
Security Audit
READ-ONLY
$299
per server / engagement
24hr turnaroundHTML + PDF reportNo system changes

A full read-only security assessment of your Linux servers. We deploy the CCypher Audit Tool, run 14 check modules, and produce a scored HTML report with every finding rated by severity and the exact command to fix it. Your data never leaves your environment.

What gets checked:

  • OS & Security Updates — pending CVE patches flagged separately
  • Open Ports — dangerous ports (RDP, Telnet, SMB, Redis, MongoDB, VNC)
  • Firewall — UFW, firewalld, iptables — CRITICAL if nothing active
  • SSH Hardening — root login, password auth, default port, MaxAuthTries
  • Failed Logins — brute-force indicators from system logs
  • Backup Systems — cron jobs, tools, systemd timers
  • Disk Space — all mounts, early warning thresholds
  • Privileged Users — sudo/wheel group enumeration and review
  • Password Policy — expiry rules, empty accounts, PAM complexity
  • User Accounts — inactive 90d+, UID 0 anomalies, never-logged-in
  • Running Services — suspicious processes (netcat, socat, ngrok, Metasploit)
  • World-Writable / SUID — privilege escalation file risks
  • Cron Jobs — wget/curl/base64 patterns in scheduled tasks
  • Logging & Audit — syslog, log rotation, auditd status
02
Penetration Testing
ACTIVE — AUTH REQUIRED
$799+
per engagement
PoC documentationFull written reportRemediation included

Active testing using real-world attacker techniques — SQL injection, XSS, command injection, privilege escalation, lateral movement. Every finding documented with proof-of-concept screenshots, CVSS score, and the exact fix. Signed scope of work required before we start.

Engagement types:

  • Web Application — OWASP Top 10, injection, broken auth, IDOR, CSRF ($799)
  • API Security — GraphQL, REST, auth bypass, rate limiting, SSRF ($799)
  • Internal Network — lateral movement, AD attacks, privilege escalation (from $1,200)
  • External Surface — exposed attack surface, subdomain enum, recon (from $999)
  • Full Scope — web + API + network combined (custom quote)
03
Incident Response
EMERGENCY AVAILABLE
Call
for emergency pricing
Same-day FL responseOn-site availableContainment → recovery

Already breached — or suspect you might be? We contain the threat, investigate the full timeline, identify what was accessed, eradicate persistence, and get you back online. On-site available in Broward and Miami-Dade counties with no travel markup.

What we do:

  • Containment — isolate affected systems, stop active attacks immediately
  • Forensic Analysis — full timeline, what was accessed, how they got in
  • Eradication — remove malware, backdoors, and all persistence mechanisms
  • Recovery — restore systems securely, harden against re-entry
  • Post-Incident Report — root cause, full timeline, prevention steps for your team
Pricing

Flat Rates.
No Surprises.

STARTER
$299
per engagement
  • Security audit — 1 server
  • 14 check modules
  • HTML + text report
  • Security score A–F
  • Remediation commands
  • 24hr turnaround
Get Started
POPULAR
PROFESSIONAL
$799
per engagement
  • Full penetration test
  • Web app or API
  • PoC for every finding
  • CVSS severity ratings
  • Written report + debrief
  • Remediation guidance
Get Started
RETAINER
Custom
monthly rate
  • Quarterly security audits
  • Priority incident response
  • Ongoing advisory
  • Compliance tracking
  • Dedicated consultant
  • Monthly security briefing
Contact Us
Add-Ons

Expand Your
Engagement

+$99
Additional Server

Add any extra Linux server to an existing audit engagement. Same 14-module scan, same report format.

+$49
Email Report Delivery

Automated report delivery to any email address via SMTP at end of engagement. Branded HTML attachment.

+$149
Compliance Mapping

Map audit findings to PCI-DSS, HIPAA, or CIS Benchmark controls. Gap analysis included in report.

+$199
Social Engineering Test

Targeted phishing simulation against your staff. Tracks click rate, credential entry, and reporting behavior.

+$299
Hurricane DR Audit

Focused assessment of your disaster recovery posture — backup integrity, RTO/RPO, remote access security for storm season.

Free
30-Min Consultation

No commitment. We assess your environment and identify your top 3 risks — before you sign anything.

Monthly Retainer

Ongoing Security
Partnership

Best option for businesses that need security maintained, not just checked once. A monthly retainer turns CCypher Security into your dedicated security team.

// WHAT'S INCLUDED

  • Quarterly security audits (all servers in scope)
  • Priority incident response — jump the queue, guaranteed same-day contact
  • Monthly security briefing — threat landscape for your industry
  • Ongoing advisory — ask questions anytime, get real answers
  • Compliance tracking — maintain posture toward PCI/HIPAA/SOC 2
  • Annual penetration test included (Professional tier)

// WHO IT'S FOR

  • Medical offices handling patient data (HIPAA)
  • Retail or e-commerce processing payments (PCI-DSS)
  • Law firms or financial services handling sensitive PII
  • Any business that can't afford a breach — which is most of them
  • Companies requiring compliance documentation for clients or insurers
Get a Retainer Quote

Not Sure Where
to Start?

Free 30-minute call. We'll look at your environment and tell you exactly what makes sense — no commitment.

Book Free Consultation