Services & Pricing

Every threat vector. Flat-fee pricing.

Incident response, platform hardening, and continuous managed detection built for professional services firms in New England and nationwide.

Core Services
Incident Response

When something goes wrong, we are the call you make.

Active containment, forensic investigation, eradication, and post-incident reporting. We respond across every platform your firm runs. Direct line to a security engineer. No ticket queue.

<30 min Response goal on active incidents
$7M+ Wire fraud disrupted in a single engagement
Same Day Containment on confirmed breaches
M365 · GWS · AWS Multi-platform IR coverage
Ongoing Engagement

Your security partner, not just your incident vendor.

Structured, ongoing coverage for firms that need more than a one-time engagement. IR retainer access, monthly oversight, quarterly posture reviews, and continuous hardening across M365, AWS, and Google Workspace.

IR Retainer Priority access when an incident hits. We already know your environment.
Monthly Oversight Threat review, policy drift checks, and identity hygiene every month
Quarterly Review Formal posture assessment with findings and remediation tracking
M365 · AWS · GWS Ongoing hardening projects as your environment evolves
Microsoft 365 & Entra ID

M365 Security Assessment

Deep configuration review of your M365 tenant, Entra ID identity stack, Exchange Online, and Defender posture. We find what attackers look for first.

Entra ID Review Conditional Access MFA Enforcement Exchange Security Defender Config Privileged Access
Google Workspace

Google Workspace Hardening

Assessment and remediation of your GWS admin console, Gmail security, OAuth app access, and identity controls across your organization.

Admin Console Audit Gmail Security OAuth App Review 2-Step Enforcement Drive DLP Controls Alert Center
AWS
Amazon Web Services

AWS Security Hardening

IAM policy review, S3 exposure assessment, CloudTrail and GuardDuty configuration, and misconfiguration remediation across your AWS environment.

IAM Review S3 Exposure Audit CloudTrail Config GuardDuty Setup Security Hub Least Privilege
Managed Detection

Continuous coverage across every layer.

24/7 monitoring with real engineers on the backend. Not a product dashboard. A security team watching your environment around the clock so threats get caught before they become incidents.

24/7 MDR Endpoint, identity, and email monitoring with real-time escalation
SIEM Log aggregation, correlation rules, and alerting across your full environment
ITDR Identity Threat Detection and Response. Credential abuse, lateral movement, privilege escalation.
Phishing Campaigns Simulated phishing tests with training follow-up to measure and reduce human risk
Pricing

Transparent. Flat-fee. No surprises.

All engagements are flat-fee. You know the cost before we start. Rates reflect going market rates for New England cybersecurity consulting, with BTC's boutique advantage: direct senior-engineer access at every level.

One-Time Assessment
Security Assessment
$2,500
flat fee · per platform
A deep-dive audit of your M365, Google Workspace, or AWS environment with a prioritized findings report and remediation roadmap.
  • Full configuration audit (Entra ID, Exchange, Defender)
  • Identity and MFA posture review
  • Conditional Access policy evaluation
  • Privileged access and admin exposure analysis
  • Written findings report with risk ratings
  • Prioritized remediation roadmap
  • 30-min debrief call included
Schedule Assessment →
Market rate in New England: $2,500–$7,500 per platform. Comparable firms charge $150–$300/hr.
⭐ Most Popular
Security Retainer
$1,500
per month · annual agreement
Ongoing coverage, IR priority access, monthly security oversight, and quarterly posture reviews. The smartest way to buy security before you need it.
  • Priority IR response (<1 hr vs 24–72 hrs without retainer)
  • Up to 5 IR hours per month, rollover eligible
  • Monthly identity and policy drift review
  • Quarterly formal posture assessment
  • Ongoing hardening projects across M365, AWS, GWS
  • Direct engineer line (phone/Signal/email)
  • Annual threat briefing for your leadership
Start a Retainer →
Market rate: $2,500–$8,000/mo for small-firm IR retainers with a named engineer.
Active Incident
Incident Response
$350
per hour · retainer clients
For active incidents, BEC response, ransomware triage, and forensic investigation. Retainer clients get priority response and the lowest rates. Without a retainer, emergency rates apply.
  • Immediate containment — accounts, sessions, access
  • Full forensic investigation of M365/GWS/AWS tenant
  • Malicious rule and app removal
  • Attacker infrastructure identification
  • Post-incident report (insurance/legal ready)
  • Hardening recommendations included
  • Emergency rate (no retainer): $600–$800/hr
Report an Incident →
Market rate in New England: $300–$500/hr retained; $800–$1,500/hr emergency (no retainer). Source: Mandiant, CrowdStrike 2026 data.

📈 New England Market Context — What Others Charge

Emergency IR (No Retainer)
$800 – $1,500/hr
Industry standard from firms like Mandiant, CrowdStrike, and regional boutiques. Clock starts the moment you call.
Security Assessment (M365)
$2,500 – $7,500
Flat-fee or time-and-materials at $150–$300/hr depending on scope. Typical engagement: 15–25 hours.
Annual IR Retainer (Mid-Market)
$25,000 – $100,000/yr
Larger firms charge $25K+ for basic retainer access. BTC's monthly structure gives smaller firms the same protection at a fraction of the cost.
Managed Security (SOCaaS)

Need 24/7 managed security at scale?

For firms ready for a full managed security program, Black Tower Cyber is the IR and assessment arm of Tower Zero Security, our SOCaaS joint venture. Tower Zero delivers 24/7 monitoring, SIEM, ITDR, and phishing programs at the MSSP level.

See Tower Zero Pricing ↗

Talk to a security engineer. Not a sales rep.

Book a free 30-minute call. Get honest answers about your environment and what it will take to secure it.

Get Flat-Fee Pricing →
✓ Direct line to a security engineer  ·  ✓ Flat-fee engagements  ·  ✓ New England & Nationwide