Security Advisory

Security that holds up under every standard.

XRAY VU Security Advisory delivers independent security assessments, post-incident validation, and strategic security programs for organizations that can't afford ambiguity. Our findings are evidence-grounded, stakeholder-ready, and designed to survive the scrutiny they'll face.


Security from every angle.

Our security practice covers the full lifecycle — from proactive assessment and architecture through incident response and post-incident attestation.

Post-Incident Validation & Attestation

Independent investigation and formal attestation following a security incident. Evidence collection, timeline reconstruction, scope determination, and finding certification for insurers, auditors, and regulators.

BEC, Forensics, Attestation

Microsoft 365 & Entra ID Security Assessment

Comprehensive review of M365 tenant configuration, Entra ID (Azure AD) security posture, conditional access policies, sign-in log analysis, risky user review, and MFA coverage gaps.

M365, Entra ID, Conditional Access

Identity & Access Management Audit

End-to-end audit of identity infrastructure: privileged access, service accounts, legacy authentication, OAuth application permissions, external sharing, and guest access governance.

IAM, PAM, RBAC

Zero Trust Architecture Design

Assessment of current trust model and phased roadmap to Zero Trust. Covers network segmentation, identity-centric access, device health verification, application access control, and data classification.

Zero Trust, ZTNA, Architecture

Phishing-Resistant MFA & FIDO2 Implementation

Assessment of current authentication posture, gap analysis against phishing-resistant standards, and implementation guidance for FIDO2/WebAuthn, hardware security keys, and Microsoft Authenticator FIDO mode.

FIDO2, MFA, Authentication

Business Email Compromise (BEC) Investigation

Forensic investigation of suspected or confirmed BEC incidents. Email header analysis, inbox rule audit, delegation review, OAuth app review, and financial transaction tracing with legal-quality documentation.

BEC, Email Security, Forensics

Security Baseline & Hardening Review

Measurement of current configuration against CIS Benchmarks, NIST standards, and vendor security baselines. Prioritized remediation roadmap with effort/risk scoring for each finding.

CIS, NIST, Hardening

Virtual CISO (vCISO) Services

Embedded security leadership for organizations that need CISO-level strategy, oversight, and stakeholder communication without the full-time headcount. Program governance, board reporting, and incident command.

vCISO, Governance, Program

Compliance Readiness & Gap Assessment

Assessment of readiness against major compliance frameworks. Gap identification, evidence mapping, control design, and audit preparation. We make compliance achievable without manufacturing evidence.

SOC 2, ISO 27001, PIPEDA

What "security advisory" means at XRAY VU.

Practice Focus: Incident Response & Post-Incident Forensics

When something has gone wrong — or you suspect it has — speed of investigation and quality of evidence preservation are everything. XRAY VU applies forensic discipline from the first moment: documented evidence collection, chain of custody, timestamp integrity, and narrative reconstruction that can support insurance claims, regulatory disclosure, and legal proceedings.

  • Incident timeline reconstruction
  • Email header forensics & trace analysis
  • Inbox rule & delegate enumeration
  • OAuth app permission audit
  • Sign-in log analysis (M365/Entra ID)
  • Legal-quality evidence packaging
  • Insurance attestation reporting
  • Regulatory disclosure support

Practice Focus: Identity Security & Access Governance

Identity is the new perimeter. Compromised credentials and overprivileged service accounts are the entry point for the majority of enterprise security incidents. XRAY VU audits the full identity surface: how users authenticate, what they can access, how privileged access is controlled, and where implicit trust has accumulated without authorization.

  • Privileged access audit (PAM/PIM)
  • Legacy authentication detection
  • Service account lifecycle audit
  • Conditional access policy review
  • Cross-tenant access controls
  • Guest & external identity governance
  • FIDO2/passkey readiness assessment
  • Entra ID role assignment audit

Practice Focus: Security Architecture & Zero Trust

Architecture decisions made today create the threat surface of tomorrow. XRAY VU evaluates existing architecture against current threat models and designs incremental paths to Zero Trust that don't require a rip-and-replace — because real organizations have to keep the business running while improving security posture.

  • Trust model assessment
  • Network segmentation analysis
  • Application access control design
  • Device health & compliance integration
  • Data classification & DLP framework
  • Micro-segmentation strategy
  • SASE & SSE evaluation
  • Phased Zero Trust roadmap

Practice Focus: Strategic Security Program Design

Tactical fixes accumulate without a strategic program to govern them. XRAY VU helps organizations design security programs that are proportional, measurable, and sustainable — not theater that satisfies auditors while leaving real risk unaddressed. We build programs around your actual threat model, not a generic checklist.

  • Security program design & governance
  • Policy & procedure authorship
  • Security metrics & KPI framework
  • Risk register development
  • Board & executive reporting
  • Security awareness program design
  • Vendor security assessment program
  • Incident response plan authorship

Structured response. Documented at every step.

Whether we're engaged from day one or brought in mid-investigation, we apply the same phase structure to ensure nothing is missed and everything is documented.

Detection & Scoping

Define the incident boundary. Identify what is known, what is suspected, and what evidence exists.

Evidence Preservation

Collect and preserve evidence with chain-of-custody documentation before retention windows expire.

Analysis & Attribution

Reconstruct the timeline, identify threat actors, TTPs, and the full scope of access or exfiltration.

Containment & Remediation

Prioritized containment steps and remediation roadmap validated against the evidence record.

Reporting & Attestation

Formal report with findings, evidence appendix, and executive summary suitable for all stakeholders.

We work across the major standards.

Our assessments map findings to the frameworks your auditors and regulators care about.

NIST CSF 2.0

Cybersecurity Framework — Govern, Identify, Protect, Detect, Respond, Recover

CIS Controls v8

Implementation Groups 1–3 for prioritized, measurable security controls

SOC 2 Type II

Trust Services Criteria readiness assessment and evidence preparation

ISO/IEC 27001:2022

ISMS design, gap assessment, and Annex A control mapping

PIPEDA / Bill C-27

Canadian privacy and breach notification requirements

Microsoft SCI

Secure Cloud Initiative assessment for M365 and Azure environments

NIST SP 800-53

Federal security and privacy controls for regulated industries

PCI DSS 4.0

Payment card security requirements and SAQ support


Every finding we deliver can be traced to documented evidence. We don't write findings based on impressions, industry generalizations, or what we've seen in other environments. The evidence record is the finding record — and we provide both. This isn't an academic standard; it's the only standard that holds up when your insurer, your regulator, or your opposing counsel asks to see the work.


Start with a scoped conversation.

Tell us what happened, what you're concerned about, or what you need to prove. We'll tell you how we can help — and what that looks like.

Request an Engagement: security@xrayvu.com