Service Provider Use Cases
1. inform
Position the customer for security investment
Become the Trusted Security Advisor
Illustrate cyber posturing, compare to industry compliance targets, and identify residual risk.
2. convert
Turn your customers into security champions
Capture Customer Security Initiative
Translate moments of security urgency into strategic investments with a clear call-to-action.
3. service
Deliver advanced security to your customer
Orchestrate Security Tasking
Deliver the right issue to the right engineer at the right time to meet overall security goals.
4. EVIDENCE
Help your customer evidence security
Document & Certify
Generate audit prep, compliance posturing, and security certificates for your customer.
1. inform
EDUCATE ALL YOUR CUSTOMERS WITH A SECURITY DASHBOARD
Creating Customer Trust

Earning customer trust in security means both illustrating why and how they can trust your basic offering, and what protection it lacks.

Enter the Mentor

Critical customer security questions you must be able to answer:

What do I need to protect my business?
How much do I need to spend?


Security buyers will seek out advisors that can deliver credible right-sized security solutions that answer their questions.

Become the Default Security Advisor

Put your brand front-and center by delivering your customer a security dashboard that shows them what security they have now, and how they compare to reasonable security targets.

We maximize your security credibility by branding this shareable compliance dashboard with your logo, and available on a "vCISO" vanity hosting domain.

This helps the customer understand exactly how your essential or advanced security tiers are delivering value to them.

2. CONVERT
Capture security urgency to create cyber investment
moments of urgency

An informed customer will translate a moment of urgency into readiness to invest in cybersecurity. Be prepared to recognize and capture the moment:

Momentary Loss
- Security incidents
- A major breach

External Pressures
- Customer sales resistance
- Insurer or regulatory requirement
- Due diligence from other outside parties

review & assess

Review the customer's current security posturing and remind them of how this relates to reasonable security targets.

Illustrate residual risks previously identified and how they may be related to their moment of urgency.

FortMesa supports both instant compliance reviews as well as workflows to enable more comprehensive paid or loss-leader risk assessments.

Present the call-to-action

Consult with the customer about their cyber posturing and compliance gaps, but also present a clear plan of exactly what you will provide over the course of their contract.

Illustrate your offering
- How you will bridge their specific compliance gap
- What residual risk you will eliminate
- When security goals will be achieved

3. service
orchestrate and automate security tasking
Scheduled Security & Planning

Schedule a calendar of security actions and deployments over the course of your customer contract to lower startup costs.

Choose Elements of the Security Plan
- How much security
- According to what compliance standards or guidelines
- Sprint deployment or distributed cadence

Manage Vulnerabilities

Stay on top of new detected software vulnerabilities as soon as they are discovered by security researchers with workflows that are tuned for your customer's risk tolerance and SLA.

Issue Tickets

High priority vulnerabilities and new security deployments or projects are automatically fed into your PSA or ticketing system.

Ticketing integration
- Vulnerabilities based on SLA configuration
- Security projects in line with the scheduled security plan

4. evidence
IS YOUR BRAND THE default SECURITY solution?
FortMesa Trustmark Certificate

Quickly issue Trustmarks to any customer on the advanced security tier.

The Third Party FortMesa Trustmark
- Quickly issued to customers that commit to a security plan of action
- Continuously valid as long as security velocity is maintained
- Great for reassuring customer stakeholders

Cyber Posturing Report / Risk Assessment

Automatically generate a multi-page report summarizing the customer's security environment as well as your assessment of their posturing. Includes recommendations for long-term planning & investment. Satisfies most customers that require a third party risk assessment.

Report Summary
- Overall summary of security scope, asset & vulnerability disposition
- Current security plan of action
- Recommendations for future improvement

Compliance & Audit Prep

A package that helps customers explain their security to compliance auditors using standardized control disposition mapping.

Supported Frameworks
- NIST SP 800-53, NIST CSF, NIST 800-171, etc..
- ISO 27000 & HIPAA
- CIS Controls
- UK Cybersecurity Essentials
and more...

Security Documentation

A comprehensive and detailed security reporting package (may be hundreds of pages).

Available Documentation
- Asset Inventory (Devices, Data, Software, Third Party Vendors)
- Business Process to Asset Group Mappings
- Vulnerability Inventories
- Compliance Posturing