Transparent Pricing

Start free.
Scale when you need to.

Try a ransomware tabletop free in your browser. Subscribe at $99/month to run unlimited tabletops yourself. Upgrade to live threat intel and facilitator office hours when you outgrow self-serve. Bring a facilitator on-site when you need a room.

01 · 02

Try free, then go self-serve

Community

Built for SMB, county and municipal government, small water and energy operators, ISC2 chapter members, and nonprofits. Try the platform free, then subscribe at $99/month for unlimited self-run exercises.

Free

Community

$0
no signup, no credit card

Get a free readiness score and try an interactive scenario demo. Designed for ISC2 chapter members, small businesses, and nonprofits sizing the platform.

  • 2-minute ransomware readiness check with graded report
  • 8 interactive scenario demos with AI facilitator
  • Email-delivered exercise report after each demo
  • Compliance framework overview (NIST, SOC 2, HIPAA, etc.)
  • No credit card, no signup — start now
Best for SMB / Gov / Critical Infra
Subscription · Self-serve

Community Membership

$99/month
or $1188/yr · cancel anytime

Self-serve readiness for SMB, gov, and critical infra. Unlimited exercises, full scenario library, continuous readiness scoring. No facilitator time — you run them.

  • Up to 12 self-run tabletop exercises per year (AI facilitator)
  • Full scenario library access (8 ready-to-run scenarios)
  • Auto-generated After-Action Reports per exercise
  • Continuous 8-dimension readiness scoring
  • Gap tracker for remediation follow-up
  • Compliance framework overview (NIST 800-61, NIST CSF)
  • Up to 10 team members on the platform
  • Monthly threat landscape briefing (community edition)
  • Cancel anytime — no annual commitment
Subscribe — $99/month

Outgrowing self-serve but not ready for a facilitator? Professional adds live threat intel, premium scenarios, and monthly office hours at $499/mo.

03

Add live threat intel and office hours

Professional

The rung between $99 self-serve and $7,500 facilitated. Weekly threat briefings auto-injected into your scenario library, premium sector-specific scenarios, and a monthly group office hour with a real facilitator.

Closes the cliff
Subscription · Live intel + office hours

Professional

$499/month
or $5,988/yr · cancel anytime

Compliance evidence exports + facilitator office hours.

  • Everything in Community
  • Weekly threat briefings — MITRE ATT&CK + CISA KEV emailed every Tuesday
  • Premium sector-specific scenarios (Pro tier library)
  • Custom-branded AAR PDF exports (your logo + colors)
  • Compliance evidence pack exports (NIST CSF + SOC 2 — JSON/CSV)
  • 1h/month live facilitator office hours (group format)
  • Up to 25 team members on the platform
  • Priority support (24h response)
Subscribe — $499/month
vs. Community ($99/mo)

What changes when you upgrade

  • Threat intel goes from monthly to weekly — auto-injected into scenarios
  • Premium scenarios (16/yr) added on top of the 8-scenario library
  • 1h/mo live facilitator office hours (group format)
  • Team seats: 10 → 25
  • Support: 72h → 24h
  • Compliance evidence pack exports (NIST CSF + SOC 2)
  • Custom-branded AAR PDFs

Need a facilitator in the room for a specific engagement? See facilitated tiers below.

04

Hire a facilitator for a specific engagement

Per-engagement

When you need a real facilitator in the room (or on the call) for a specific event — board exercise, post-incident drill, executive simulation. Custom scenario design, scored maturity assessment, board-ready deliverables.

Foundation

Cyber Readiness Assessment

$7,500
per engagement · Remote · 4h

Find out where your incident response breaks down — before a real attacker does. Half-day remote exercise with a scored capability assessment.

  • Threat scenario exercise design (sector-specific, MITRE ATT&CK-mapped)
  • Facilitated incident response tabletop (half-day)
  • Operational Response Capability Assessment (NIST 800-61 aligned)
  • Coordination gap analysis with escalation mapping
  • Interactive After-Action Review
  • Incident decision playbook template
  • Facilitator & participant guides
  • Written summary report with prioritized findings
Get Started — Cyber Readiness Assessment ($7,500)
Most Popular
Operational

Operational Cyber Resilience Program

$15,000
per engagement · Remote · 8h

The engagement that changes how your executives think about incident response. Custom adversary scenarios, maturity scoring, and a remediation roadmap they actually follow.

  • Everything in Cyber Readiness Assessment
  • Custom adversary scenario development (active threat landscape)
  • Threat actor scenario mapping (tested vs. untested TTPs)
  • Incident escalation decision tree (technical → executive)
  • Executive Response Scorecard (decision speed, quality, coordination)
  • Response Maturity Assessment (5-level model, NIST CSF aligned)
  • Crisis communication templates (ransomware, breach, disruption)
  • Response playbook recommendations with implementation priorities
  • Quarterly threat landscape updates (4x/year)
  • Priority advisory support (48h response)
Get Started — Operational Cyber Resilience Program ($15,000)
Enterprise

Enterprise Cyber Crisis Simulation

$35,000
per engagement · On-site · 8h

Put your C-suite in the room with a realistic ransomware scenario and see who leads. Full-day on-site, cross-department coordination, board-ready deliverables.

  • Everything in Operational Cyber Resilience Program
  • Full-day on-site crisis simulation (multi-phase, escalating injects)
  • Executive crisis leadership simulation (C-suite / board track)
  • Cross-department coordination testing (IT, legal, comms, ops, executive)
  • Ransomware business impact scenario (operational + financial + regulatory)
  • Board-level response briefing (presentation-ready)
  • Executive After-Action Report (timeline, decisions, framework scoring)
  • 60-day remediation roadmap with milestones and resource requirements
  • Regulatory framework alignment documentation
  • 30-day post-exercise advisory support
Get Started — Enterprise Cyber Crisis Simulation ($35,000)
Level Up

Ready for year-round readiness?

One engagement shows you where the gaps are. An annual program makes sure they stay closed — with quarterly exercises, continuous scoring, and dedicated advisory support at a fraction of the à la carte cost.

05

Commit to year-round readiness

Annual program

Quarterly exercises, dedicated advisory hours, compliance evidence built up over the year. The right rung when one engagement isn’t enough and your board wants a cadence, not a snapshot.

Foundation

Readiness Baseline

$48,000/year
$4,000/mo · 4 exercises/yr · 2h advisory/mo

Quarterly exercises that build muscle memory. Your team practices four times a year, tracks readiness scores, and closes gaps between exercises.

  • 4 quarterly exercises (seasonal threat rotation)
  • Continuous readiness scoring + trend tracking
  • Gap tracking with remediation guidance
  • Quarterly threat landscape briefing
  • 2h/mo advisory support
  • Platform access for up to 10 team members
  • After-Action Reports generated per exercise
Talk to Sales — Readiness Baseline
Most Popular
Most Popular

Cyber Resilience Program

$96,000/year
$8,000/mo · 8 exercises/yr · 8h advisory/mo

The program that justifies your security budget. 8 exercises, executive scorecards, compliance evidence, and an advisor who knows your environment.

  • Everything in Readiness Baseline
  • 8 exercises/year (4 quarterly + 4 ad-hoc drills)
  • Custom adversary scenarios mapped to your threat landscape
  • Executive Response Scorecard with leadership tracking
  • 8h/mo advisory support
  • Compliance framework mapping (NIST, SOC 2, ISO, HIPAA)
  • Crisis comms templates updated quarterly
  • Insurance readiness certificate
Talk to Sales — Cyber Resilience Program
Maximum Readiness

Strategic Command

$156,000/year
$13,000/mo · 12 exercises/yr · 16h advisory/mo

Monthly exercises, a dedicated facilitator, and board-ready briefings. Your executive team practices crisis leadership until it becomes instinct.

  • Everything in Cyber Resilience Program
  • Monthly exercise cadence (12/year)
  • C-suite crisis leadership track
  • Board-level briefings (quarterly, presentation-ready)
  • Cross-department coordination exercises
  • 16h/mo dedicated advisory
  • Dedicated facilitator assignment
  • 60-day remediation roadmap per quarter
  • Premium insurance certificate program
Talk to Sales — Strategic Command

Transparent Pricing

What this costs elsewhere.

Most firms don't publish pricing. We do. Here's what you'd pay buying these services individually.

ServiceMarket RateAfter Action
Single facilitated tabletop exercise$25,000 – $40,000From $7,500
4 quarterly exercises (annual)$100,000 – $160,000From $48,000/yr
vCISO / advisory retainer$60,000 – $150,000/yrBuilt in
NIST / compliance readiness assessment$10,000 – $50,000Included

Sources: PreparedEx, IBM X-Force, IANS Research, Clutch.co, Corsica Tech — March 2026

How Annual Programs Work

Quarterly readiness cycle.

Every annual program follows a structured four-quarter cycle designed to build measurable improvement over 12 months.

Q1

Baseline Exercise

Establish your readiness baseline with a threat-informed tabletop. Identify gaps. Set the benchmark.

Q2

Progress Check

Targeted drill on identified gaps. Measure improvement against Q1 baseline. Adjust remediation priorities.

Q3

Advanced Drill

Escalated scenario complexity. New threat vectors. Cross-team coordination under realistic conditions.

Q4

Certification & Renewal

Final assessment. Generate insurance certificate. Board-ready report. Plan the next 12-month cycle.

The Case for Continuous Readiness

Why upgrade to annual?

One-off exercises check a box. Annual programs build real capability.

Score Trends That Actually Mean Something

A single readiness score is a snapshot. Quarterly scoring gives you a trendline — proof that your team is getting better, not just guessing.

Continuous Improvement, Not Crisis Mode

Annual programs let you remediate gaps between exercises instead of scrambling after a one-time assessment. Your team builds muscle memory.

Insurance & Compliance Evidence

Carriers want proof of ongoing readiness, not a report from 18 months ago. Annual programs generate continuous evidence carriers can use at renewal.

Board-Ready Reporting Every Quarter

Give your board a consistent cadence of readiness updates. Demonstrate ROI with measurable improvement across four data points per year.

What every engagement ships.

Every tier is backed by the same proven methodology and the same automated deliverable engine. The differences between tiers are scope, duration, and audience — not platform capability.

~72h
Typical AAR Cycle
5
Core Deliverables
8
NIST Dimensions

Methodology, not magic

Published · Inspectable

The readiness scoring methodology, the framework-mapping rules, and the AAR auto-draft logic are all published as whitepapers. Your team can inspect exactly how every score is computed before they trust the number on the board slide.

Read the methodology whitepapers