You know your startup needs to take security seriously. Maybe an investor asked about your security posture. Maybe an enterprise prospect sent a security questionnaire you could not answer. Maybe your CTO is handling security between feature sprints and you are not sure if that is enough.
You are not looking for a 6-month consulting engagement. You want to talk to someone who understands this, understand where you stand, and figure out what to do next.
That is what Security on Demand is for.
What It Is
A 4-hour working session with both Cyber Secify founders. Ashok handles consulting, compliance, and business risk. Rathnakara handles penetration testing, application security, and infrastructure. Between the two, we cover every angle a startup typically needs.
It costs INR 9,999. Fully refundable if you decide not to continue. If you do continue with a pentest or consulting engagement, the 9,999 comes off the price.
Think of it like a doctor consultation. You come in with your situation. We diagnose. Sometimes there is something to fix. Sometimes you are doing fine and just need confirmation. Either way, you leave with a clear picture of where you stand.
What Happens During the Session
Every session is different because every startup is in a different place. But here is the general shape:
We learn your stack and situation What are you building? What does your infrastructure look like? What user data do you handle? What compliance requirements are on your radar? Have you had any security incidents or near-misses? What triggered this conversation?
We are not filling out a form. We are building a mental model of your company’s security surface so we can give you advice that is specific to you, not generic best practices.
We identify what is critical Based on what we learn, we tell you what needs attention now versus what can wait. This is where having both founders matters. Ashok spots the business and compliance risks. Rathnakara spots the technical vulnerabilities.
Some things we commonly surface:
- Access controls that do not match your team’s actual roles
- Cloud configurations that expose more than they should
- Authentication flows with gaps an attacker would find
- Compliance gaps that will block an enterprise deal or audit
- Incident response gaps where there is no plan if something goes wrong tomorrow
We handle immediate needs if there are any If you came in with a specific problem (a suspicious incident, a security questionnaire you need to answer, a compliance deadline), we work on that directly. Four hours is enough to make real progress on most immediate issues.
We recommend next steps You get a clear picture of where you stand and what to do about it. This might be:
- A pentest on your main application before your next fundraise
- Specific infrastructure hardening your DevOps team can do this week
- A compliance readiness plan for SOC 2 or ISO 27001
- A fractional security engagement if you need ongoing coverage
- Nothing urgent, and confirmation that you are in better shape than you thought
We are direct about what you need and what you do not. There is no incentive to oversell because the session is refundable.
What You Walk Away With
Depending on your situation, some combination of:
- Verbal guidance during the session itself, questions answered, concerns addressed
- A written summary of what we found and what we recommend
- An action plan with priorities: what is critical, what is important, and what can wait
The format varies because the problems vary. A startup dealing with a live incident gets different output than a startup preparing for an investor’s security questionnaire.
What It Is Not
It is not a pentest. We are not testing your application for vulnerabilities in 4 hours. If you need a pentest, we will tell you and scope it properly.
It is not an audit. We are not producing a compliance report. If you need SOC 2 or ISO 27001 readiness, this session helps you understand the gap and plan the path.
It is not a sales call. We do real work in these 4 hours. If there is no fit for further engagement, you get your money back and keep everything we discussed.
What Happens After
That depends on what we find and what you need:
- If you need a pentest: We scope it based on what we learned about your stack. The Startup Pentest plan (INR 74,999) covers one scope in 7 days. The Growth Pentest plan (INR 1,79,999) covers two scopes in 10 days with SOC 2 + ISO 27001 audit prep.
- If you need ongoing security coverage: We discuss a fractional security engagement (3-month minimum, 2-8 hours/day covering AppSec, InfraSec, and GRC).
- If you want to experience more of our work first: The Security Retainer (INR 24,999) gives you 10 hours of deeper engagement over 60 days before committing to a longer engagement.
- If you do not need anything right now: Full refund. No hard feelings.
Your INR 9,999 comes off the price of whatever you choose next. It is not a fee, it is a trust signal that works both ways.
Who Is This For
You should book a Security on Demand session if:
- You have no dedicated security person and your CTO or DevOps engineer is handling security part-time
- An investor, board member, or enterprise prospect asked about your security and you were not sure how to answer
- You have a compliance deadline (SOC 2, ISO 27001, DPDP Act) and do not know where to start
- You had a security incident or scare and want an outside perspective
- You are about to raise a round and want to make sure security will not become a blocker during due diligence
You should not book this if you already have a clear security roadmap and a team executing it. In that case, go directly to pentest pricing or contact us about a specific engagement.
Book a Session
INR 9,999. 4 hours. Both founders. Fully refundable if you do not continue.
Book Security on Demand | Get a free security snapshot first