Most SMBs, municipalities, schools, healthcare practices, and law firms can't justify a full SOC — and shouldn't have to. CyberD20 delivers right-sized managed security: Wazuh-powered visibility, Hermes-assisted triage, and human incident response from people who've actually run investigations.
Existing tooling generates noise. Nobody has time to triage it, so it gets muted — and then the one alert that mattered gets missed.
IT carries the load. There's no 24/7 coverage, no detection engineering function, and no playbook beyond "call someone."
One or two technical people, stretched across helpdesk, projects, vendor management, and security at the same time.
Real exposure, no rehearsed response, and an insurance carrier asking pointed questions at renewal.
HIPAA, PCI, CJIS, FERPA, state privacy law — controls expected, evidence-of-controls in short supply.
Logs scattered across tools and SaaS, no single timeline, no honest answer to "what's actually happening on our network?"
CyberD20 was built for Idaho's actual sectors — not for a generic SMB template. Each vertical below brings a distinct combination of regulatory pressure, OT/ICS exposure, and operational reality that we've engineered detections and response workflows around.
Magic Valley and Eastern Idaho hospital systems, FQHCs, specialty practices, and dental groups. EHR-aware monitoring, ransomware-recovery readiness, BAA discipline.
Dairy operations, potato & sugarbeet processors, feedlots, ag co-ops. PLC and HMI awareness, vendor-VPN scrutiny, IT/OT segmentation reviews.
Idaho school districts and Idaho State / BYU-Idaho / CSI scope. Student-data protection, E-Rate alignment, BYOD & SIS hardening, board-ready reporting.
Counties, cities, special districts, and elections offices. CJIS-aware logging, ransomware-resilience posture, cyber-insurance alignment, IT-staff augmentation.
Community banks and credit unions across Eastern Idaho and the Magic Valley. Wire-fraud monitoring, MFA discipline, third-party risk, examiner-ready evidence.
BEC and invoice-fraud prevention, vendor-portal hardening, project-data protection, fleet-IT visibility for distributed sites and yards.
Law firms with sensitive caseloads, accounting practices, ISVs, and professional-services firms. Privilege-aware logging, M365/Google Workspace hardening, SOC-2 alignment.
Suppliers and contractors operating in the INL ecosystem. CMMC-readiness, CUI handling, enclave architecture, and audit-ready evidence.
Engagement on tribal sovereignty terms, where appropriate. Gaming-floor and back-office security, NIGC-aware controls, and incident response coordinated with tribal leadership.
Ongoing managed SOC: Wazuh + Hermes, 24/7 IOC alerting, monthly reporting, quarterly briefings, on-call IR support.
Playbooks, tabletop exercises, IR retainer, and pre-event preparation against your real environment.
Executive-grade risk reviews aligned to your sector — HIPAA, PCI, CJIS, FERPA, state privacy law.
Block-of-hours engagements for detection engineering, SIEM tuning, and on-demand investigative help.
30 minutes. Confidential. We discuss your environment, sector, and pressure points.
Written scope and transparent pricing within five business days of discovery.
Wazuh stood up if you don't already have a SIEM, then Hermes deployed on top with baseline detections tuned to your environment.
24/7 monitoring with IOC alerts going directly to the owner or designated manager. Monthly reports, quarterly briefings, and an IR line that's always answered.