Zero Trust - Security Posture Managed Services


Zero Trust Security Posture Managed Services enables customers to outsource cybersecurity posture management.

Are you a cybersecurity executive looking for a meaningful way to measure and manage cybersecurity posture in your organization, outsourcing or augmenting internal capabilities and ensuring compliance to NIS2 and other relevant legal requirements?

Zero Trust Security Posture Managed Services enables customers to outsource all or relevant parts of cybersecurity posture management. Aligned to CISA Zero Trust maturity model, it addresses risk-based cybersecurity management requirements providing measurable, results oriented posture metrics and continuous improvement support.

Being vendor neutral, Zero Trust Security Posture Managed Services build upon a strong multi-vendor technical expertise to deliver tangible results. It uses combination of technical discovery methods and interviews using Noventiq's in-house built tool set to cover not only technical controls, but also processes and procedures.

Cybersecurity is a process, not a project. There is a way to manage it.

Zero Trust Security Posture Managed Services from Noventiq enable enterprises to implement measurable, continuous cyber security posture improvement program:

  • Vendor neutral, aligned to CISA maturity model.
  • Provides clear metrics to communicate cybersecurity posture to stakeholders.
  • Target posture profile personalized for each customer – risk-based.
  • Encompasses tools, but also processes and procedures.
  • Supports customer in planning, but also operations.

Zero Trust Security Posture Managed Services has 3 main phases. We start the engagement from Assess Phase with fixed price and scope, followed by Align and Advance Stages with custom scope and price, based on Access report.

1. Assess
Provides assessment of existing cybersecurity posture and boosts employee cybersecurity awareness.

  • Assesses current state across all Zero Trust pillars.
  • Technical discovery and interviews based.
  • Establishes personalized, risk-based target maturity state for the customer.
  • Determines actionable, key “lowest hanging fruit” improvements.
  • Key input for Align and Advance phases.
  • Fixed price engagement.

Key deliverable from Assess phase is report, attached in learn more section, containing the following sections:

  • Executive summary, quantifying existing cyber posture state.
  • Recommendations for Align phase – key improvements for immediate attention.
  • Detailed description of each Zero Trust pillar and recommendations for each of more than 20 components.

Assess Pricing. Assess phase estimated duration is 1 month, packaged offering price – 5500 USD (excl. VAT).
Assessment phase can be combined with Microsoft solution assessment and other programs for eligible customers.

2. Align
Implementation of key “lowest hanging fruit” improvements from Assess phase.

  • Based on personalized recommendations from Assess phase.
  • Tools, processes, and procedures.
  • Implemented by Noventiq experts.

We do not believe in silver bullet, each customer receives personalized Align recommendations, selection of tools and vendors; cloud, on-premise or hybrid solutions. Nevertheless, due to the threat landscape, most often Align phase includes:

  • Improvements in cybersecurity policies.
  • Identity management (Active Directory, Azure MFA, Pointsharp MFA).
  • Business continuity, patching, updates and management (Intune, Azure Arc, Azure Update Management, Azure Site Recovery, Veeam Backup).
  • XDR capabilities (Microsoft Defender, Sophos).
  • SIEM/SOAR platforms (Azure Sentinel).
  • Network protections (Azure WAF, Sophos Zero Trust Network).

Align Pricing. Align engagements are custom scoped and priced based on Assess report findings. Depending on the scope, initial round of Align engagements usually takes 1-3 months to implement.

3. Advance
Continuous improvement implementation and cybersecurity process KPI measurement. Customized according to Assess and Align outcomes for each customer, customers can choose either full managed service offering or combine them for internal team augmentation:

  • Managed Detection and Response. 24/7 outsourced detection, containment, and resolution service.
  • Desktop management with Intune. Patching, updating and policy enforcement.
  • Packaged Secure Score optimization. Improvement action evaluation, impact analysis, testing, implementing to continuously improve security posture.
  • Azure Active Directory / Microsoft 365 managed services.
  • Remote help with Intune.
  • End user cybersecurity awareness trainings (

Advance Pricing. Advance managed services are custom scoped and priced long-term contracts, 1 year and longer.