Sample Assessment Report

Here's exactly what you get.

The free assessment isn't a sales call dressed up as a report. It's a 12-page document with real findings, real gaps, and a prioritized roadmap your team can act on immediately. Here's a redacted sample — same format, same depth, same candor.


Page 1 — Executive Summary

Risk score. Top 3 findings. No fluff.

The executive summary is the page you hand the partner or city manager. Risk score out of 100, three critical findings in plain English, and a bottom-line recommendation.

Security Posture Score — North Texas Regional Law Firm (45 endpoints)
Overall Risk Score: 34 / 100 (Critical Risk — Immediate Action Required)

Top 3 Findings

Critical: External RDP exposure on 3 endpoints — no MFA
Remote Desktop Protocol open to the internet on ports 3389 and ████. No multi-factor authentication. Active brute-force attempts logged from ██.███.██.███ (RU). Attorney workstations reachable without credential bypass.

Critical: Leaked credential found in public breach dataset
Email ████████@ntrlawfirm.com with plaintext password found in ████████ breach dump (2024). Password reuse confirmed against Office 365 tenant ████████████████.

High: No EDR coverage on 12 of 45 endpoints
Paralegal workstations and conference room terminals running Windows 10 21H2 (end of support Nov 2025) with only Windows Defender. No centralized telemetry or alert routing.

Assessment Type: External + Internal Posture
Endpoints Assessed: 45
Compliance Frameworks: Texas State Bar Ethics Op. 712
Days to Deliver: 5 business days

Report Structure

12 pages. 6 sections. Nothing skipped.

Every assessment follows the same structure so you can benchmark it against a future reassessment. Here's what's inside.

Page 1 — Executive Summary
Risk Score + Top Findings
Composite risk score (0–100), three critical findings in plain English, and a one-paragraph bottom-line for leadership. Designed to be handed to a non-technical stakeholder immediately.
Overall Score: 34/100
Severity: CRITICAL
Findings: 3 Critical, 6 High, 9 Med
Pages 2–4 — Attack Surface
External Scan + Exposed Services
External port scan results, exposed services, subdomains, SSL cert issues, and credential leak check against public breach datasets. Redactions applied to live IPs and email addresses.
Open ports: 80, 443, ████, 3389
Cred leak: ████████@domain.com
Subdomain: ███.ntrlawfirm.com ⚠
Pages 5–6 — Internal Posture
MFA, EDR, Patch, Privilege
MFA enrollment gaps, EDR coverage map by endpoint, unpatched CVEs by severity, and privileged account hygiene review. Scored across 14 control areas.
MFA enrolled: 31/45 (69%)
EDR covered: 33/45 (73%)
Unpatched Critical CVEs: 7
Domain admins w/ MFA: 0
Pages 7–8 — Compliance Gap Analysis
Texas Bar Ethics Opinion 712
Mapped to the applicable compliance framework — Ethics Op. 712 for law firms, CJIS v6.0 for municipalities, CMMC for defense contractors. Each gap has a control reference and a remediation owner.
Ethics Op. 712 §4.1: ❌ FAIL
Encryption at rest: ⚠ PARTIAL
Incident response plan: ❌ MISSING
Vendor access controls: ❌ FAIL
Pages 9–10 — Remediation Roadmap
Effort / Impact Matrix
Prioritized action list sorted by effort vs. impact. Items tagged Quick Win, Near-Term, or Strategic. Includes owner assignments (IT, vendor, legal) and estimated completion time.
🟢 Quick Win: Enable MFA on O365 (2 hrs)
🟡 Near-Term: EDR rollout to 12 endpoints
🔴 Strategic: Implement IR playbook
Pages 11–12 — CoreRecon Coverage + Next Steps
How Each Tier Closes Your Gaps
Maps each finding to Sentinel, Fortress, or Command tier. Shows what gets covered at $89/endpoint vs. $129/endpoint. Final page is scheduling and contact — no pressure, no contract required.
Finding 1 → Sentinel (24/7 SOC)
Finding 2 → Fortress (EDR deploy)
Finding 3 → Command (CISO layer)

Assessment Methodology

What we actually look for.

Every assessment covers these 20 control areas. You'll get a scored result on each — not a checkbox, a real finding or a confirmed pass.

External port exposure and open services
Remote access protocols (RDP, SSH, VPN) with MFA
Credential leak check against public breach datasets
SSL/TLS certificate validity and cipher strength
Subdomain enumeration and shadow IT discovery
Domain email spoofing protection (SPF, DKIM, DMARC)
EDR endpoint coverage map by device type
MFA enrollment rate — all users, all cloud apps
Patch cadence — critical CVE time-to-patch metric
Privileged account hygiene (domain admin count, MFA)
Backup integrity and offline/immutable copy verification
Network segmentation — flat vs. segmented topology
Endpoint encryption (BitLocker / FileVault coverage)
Security awareness training completion rate
Incident response plan — existence and last test date
Third-party / vendor access controls and reviews
Cloud tenant configuration (M365 / Azure / AWS)
Compliance framework gap mapping (CJIS / CMMC / HIPAA)
Logging and SIEM coverage — what is monitored, what isn't
Physical access controls and USB policy enforcement
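One of the control areas above, domain email spoofing protection (SPF and DMARC), is simple enough to illustrate end to end. The script below is an added example written for this page, not CoreRecon's assessment tooling: it parses SPF and DMARC TXT records, grades the common weak configurations (softfail, p=none, missing records, duplicate SPF) and returns a severity the way a finding in the report would. The three domains and their TXT records are constructed so the script runs offline; replace `lookup_txt` with a real resolver call to run it against a domain you are authorised to assess.

```python
"""Email spoofing-protection check over DNS TXT records (SPF and DMARC).

Added illustration for this page, not CoreRecon tooling. The DNS data is
constructed so the script runs offline.
"""

# Constructed TXT records keyed by the exact name a resolver would query.
SAMPLE_ZONES = {
    "hardened.test": ["v=spf1 include:spf.protection.outlook.com -all"],
    "_dmarc.hardened.test": ["v=DMARC1; p=reject; rua=mailto:dmarc@hardened.test"],
    "softfail.test": ["v=spf1 ip4:203.0.113.0/24 ~all"],
    "_dmarc.softfail.test": ["v=DMARC1; p=none; rua=mailto:dmarc@softfail.test"],
    "unprotected.test": ["some-site-verification=abc123"],
    # unprotected.test deliberately has no _dmarc record at all
}


def lookup_txt(name, zones=SAMPLE_ZONES):
    """Stand-in for a DNS TXT query; returns [] when the name does not exist."""
    return zones.get(name, [])


def parse_spf(records):
    """Return the SPF record's 'all' qualifier (+, -, ~, ?) or None if absent."""
    spf = [r for r in records if r.lower().startswith("v=spf1")]
    if not spf:
        return None
    terms = spf[0].split()[1:]
    all_term = next((t for t in terms if t.lstrip("+-~?").lower() == "all"), None)
    # A bare "all" means "+all" (RFC 7208: the default qualifier is pass)
    qualifier = "+" if all_term == "all" else (all_term[0] if all_term else None)
    return {"raw": spf[0], "all_qualifier": qualifier, "record_count": len(spf)}


def parse_dmarc(records):
    """Split a DMARC record into its tag=value pairs; None if no record."""
    dmarc = [r for r in records if r.lower().startswith("v=dmarc1")]
    if not dmarc:
        return None
    tags = {}
    for part in dmarc[0].split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return {"raw": dmarc[0], "policy": tags.get("p", "").lower(), "tags": tags}


def assess_spoofing_protection(domain, lookup=lookup_txt):
    """Grade a domain's SPF/DMARC posture; returns (severity, findings)."""
    findings = []
    spf = parse_spf(lookup(domain))
    dmarc = parse_dmarc(lookup(f"_dmarc.{domain}"))

    if spf is None:
        findings.append(("High", "No SPF record published"))
    else:
        if spf["record_count"] > 1:
            findings.append(("High", "Multiple SPF records (permerror; SPF effectively disabled)"))
        q = spf["all_qualifier"]
        if q in ("+", "?", None):
            findings.append(("High", f"SPF does not restrict senders (all qualifier: {q!r})"))
        elif q == "~":
            findings.append(("Medium", "SPF uses softfail (~all); forged mail is only flagged"))

    if dmarc is None:
        findings.append(("High", "No DMARC record published"))
    else:
        p = dmarc["policy"]
        if p == "none":
            findings.append(("Medium", "DMARC policy is p=none (monitor only, no enforcement)"))
        elif p == "quarantine":
            findings.append(("Low", "DMARC policy is p=quarantine; p=reject is the end goal"))
        elif p != "reject":
            findings.append(("High", f"DMARC policy unrecognised or missing: {p!r}"))
        if "rua" not in dmarc["tags"]:
            findings.append(("Low", "DMARC has no rua= aggregate-report address"))

    # Worst finding sets the control-area severity; no findings is a confirmed pass
    order = {"High": 0, "Medium": 1, "Low": 2}
    findings.sort(key=lambda f: order[f[0]])
    severity = findings[0][0] if findings else "Pass"
    return severity, findings


if __name__ == "__main__":
    for d in ("hardened.test", "softfail.test", "unprotected.test"):
        sev, items = assess_spoofing_protection(d)
        print(f"{d}: {sev}")
        for level, text in items:
            print(f"  [{level}] {text}")
```

The grading deliberately treats a missing or permissive SPF `all` qualifier as High even when DMARC is present, because DMARC alignment cannot rescue a record that lets any sender pass; conversely a domain with `-all` and `p=reject` yields no findings and is recorded as a pass, which is the "confirmed pass" outcome the methodology describes.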

Why This Is Free

The $2,500 number is real. So is the free part.

$2,500
What peer MSSPs charge for an equivalent external + internal posture assessment. We've done the market comp. The number holds.
5 Days
Delivery SLA from intake call to final PDF in your inbox. Faster than any enterprise MSSP. We don't subcontract the work.
No Strings
No contract required. No credit card. The report is yours regardless of whether you become a client. We earn the business through the work, not by holding findings hostage.
SDVOSB Certified — AT&T Vendor for State of Texas Incident Response
CoreRecon is a Service-Disabled Veteran-Owned Small Business. John Martinez has led incident response under a State of Texas contract. The assessment is conducted by the same team that does the work.

Ready to see your actual score?

Submit the intake form. We'll schedule a 30-minute call, run the assessment, and deliver your report within 5 business days — no charge, no commitment.
