Flagship Program

Barkrum Cybersecurity Protection Program

Testing, compliance, and reporting bundled into one annual program. Security work that keeps going all year, not just on the day the test runs.

5
Deliverables included
Vulnerability scans per year
12
Months of scheduled coverage
The Program

Penetration testing as a service, taken further.

A one time penetration test tells you what existed on the day it ran. The BCPP keeps the work going all year: the same rigorous manual testing, now on a schedule that matches how threats actually evolve. Your organization gets tested, scanned, reviewed, and reported on at set points through the year, under a single annual agreement.

Everything is included. There are no add ons or separate purchase orders for the remediation retest, the compliance report, or the ransomware review. When you sign a BCPP agreement, you get all five components on a set schedule for the full year.

What makes it different from a standalone pentest
  • It repeats on a schedule, not once. Four scans and one full pentest every year.
  • Compliance reports are delivered at the close of each quarter, without a separate request.
  • A dedicated Barkrum device runs the scheduled assessments from inside your network.
  • You have a direct line to your Barkrum practitioner all year long.
  • The ransomware readiness check is built into the program, not optional.
What You Get

Five Deliverables. One Annual Investment.

Every BCPP agreement includes all five components below, delivered on a set schedule across the year. Nothing requires a separate purchase order. Everything is included.

Annual Penetration Test

A complete internal, external, and web application penetration test each year, with findings scored by severity and a clear plan to fix them.

Quarterly Vulnerability Scans

Credentialed scans four times a year, with issues ranked by priority so you can see your posture improve from one quarter to the next.

Ransomware Readiness Check

A mid-year review of how well you could detect, respond to, and recover from ransomware without paying. Built to meet Florida §282.3185.

Quarterly Compliance Reporting

Clear NIST CSF 2.0 or HIPAA status reports sent to your leadership at the close of each quarter, ready for audit whenever you need them.

BCPP Client Portal

Live access to your findings, documents, schedule, and a direct line to your Barkrum practitioner all year.

Every BCPP engagement includes a dedicated Barkrum device installed on your network. It is used only to perform the testing and assessments included in your program, never to monitor your network.

Your Year

A full year of protection, planned from day one.

Every BCPP agreement runs on a fixed annual schedule. You know what is happening, when it is happening, and who is doing it before the program begins.

Q1

Months 1–3

  • Annual Penetration Test (internal, external, web app)
  • Vulnerability Scan — Quarter 1
  • Compliance Report — Quarter 1
  • Remediation retest after findings
Pentest Quarter
Q2

Months 4–6

  • Vulnerability Scan — Quarter 2
  • Ransomware Readiness Check
  • Compliance Report — Quarter 2
Ransomware Review
Q3

Months 7–9

  • Vulnerability Scan — Quarter 3
  • Compliance Report — Quarter 3
  • Mid-year posture review via Client Portal
Q4

Months 10–12

  • Vulnerability Scan — Quarter 4
  • Year-end Compliance Report
  • Program renewal planning
Renewal Window
Agreement Options

Two ways to engage with the BCPP.

Both options include all five BCPP deliverables. The difference is the term and the benefits that come with committing longer. Pricing is based on scope, so contact us to discuss what fits your environment.

12 Month Agreement

BCPP 12 Month

All five deliverables on the standard annual schedule, scoped to your environment. One year, fully covered.

  • Annual penetration test (internal, external, web application)
  • Quarterly vulnerability scans (credentialed)
  • Ransomware readiness check (mid year)
  • Quarterly compliance reports (NIST CSF 2.0 or HIPAA)
  • Dedicated Barkrum device installed on your network
  • BCPP Client Portal access
  • Remediation retest included after findings
Request Pricing

All pricing is based on scope, set by your environment size, user count, and the regulations that apply to you. We provide a fixed scope proposal after a short scoping conversation.