M&A cyber due diligence, surface what's actually material.
Most cyber diligence is a checkbox exercise. We surface material findings affecting valuation: latent breach, IP exfiltration, post-close remediation cost, hidden compliance liabilities. Both buy-side and sell-side.
- Engagement
- Buy-side + sell-side
- Duration
- 5–15 business days
- Pricing
- Fixed fee
- Output
- Findings + cost estimate
What we do
Latent-breach surface
Indicators of past or ongoing compromise that target's team may not know about.
IP exfiltration evidence
Source code, customer data, model IP — has anything walked?
Compliance liability scan
Hidden HIPAA, GDPR, or contractual obligations affecting post-close cost.
Post-close remediation cost estimate
What it'll cost to bring target up to your portfolio standard.
Integration-risk surface
Where target's network meeting your portfolio's network creates new risk.
Sell-side prep
When you're selling, we make the cyber narrative defensible to buy-side scrutiny.
Diligence lifecycle
- 01Day 0
Scoping call
Target size, sector, deal stage, sensitivities. Fixed-fee SOW.
- 02Days 1–5
Diligence work
Document review, interviews, technical scanning where authorized.
- 03Days 5–10
Report + readout
Findings, materiality flags, post-close cost estimate. 90-minute deal-team readout.
- 04Post-close
100-day plan
If you proceed, we hand off a 100-day plan.
What you walk away with
- Material findings affecting valuation
- Post-close remediation cost estimate
- Integration-risk narrative
- Defensible diligence record
- 100-day plan ready post-close (buy-side)
- Buy-side-ready narrative (sell-side)