# PurpleSec

> PurpleSec is a veteran-owned cybersecurity firm providing managed XDR, virtual CISO services, penetration testing, vulnerability management, and educational resources to SMBs and startups since 2019.

The links below offer clean, high-signal access to our core services, guides, templates, breach reports, and leadership insights.

## Solutions
- [Managed Security](https://purplesec.us/services/managed-security/): 24/7 MDR/XDR service for SMBs.
- [Virtual CISO](https://purplesec.us/services/virtual-ciso/): Outsourced security leadership.
- [Penetration Testing](https://purplesec.us/services/penetration-testing/): Real-world offensive security tests.
- [Vulnerability Management](https://purplesec.us/services/vulnerability-management/): Scan, prioritize, remediate threats.
- [Social Engineering Testing](https://purplesec.us/services/social-engineering/): Test human attack surface.
- [Patch Management](https://purplesec.us/services/vulnerability-patch-management/): Automated patch workflows.
- [Small Business Security](https://purplesec.us/services/small-business/): Affordable cybersecurity tailored to SMBs.
- [Plans Overview](https://purplesec.us/services/plans/): Package comparison for services.

## Pricing

- [Defiance XDR](https://purplesec.us/services/xdr/): $35/month per device starting price for managed XDR services.
- [Vulnerability Management (Self‑Managed)](https://purplesec.us/services/vulnerability-management/): $3/month per device for self-service scanners with patching.
- [Vulnerability Management (Fully Managed)](https://purplesec.us/services/vulnerability-management/): $20/month per device for fully managed vulnerability scanning plus patching.
- [Managed XDR](https://purplesec.us/services/plans/): $35/month per device starting tier, includes full program management and XDR.
- [Defiance XDR + Program Support](https://purplesec.us/services/plans/): $535/month, includes XDR plus 4 hrs/month of cybersecurity program support.
- [Hourly vCISO Support](https://purplesec.us/services/plans/): $1,000/month starting for fractional virtual CISO engagement.


## Policy Templates & Reports
- [Policy Template Library](https://purplesec.us/resources/cyber-security-policy-templates/): Full collection of security templates.
- [Sample Penetration Test Report](https://purplesec.us/resources/sample-network-penetration-test-report/): Example deliverable.
- [Sample Vulnerability Assessment Report](https://purplesec.us/resources/sample-vulnerability-assessment-report/): Full annotated report.
- [Ransomware Resource Hub](https://purplesec.us/resources/ransomware/): Guides, policies, and defense strategies.
- [Cybersecurity Statistics](https://purplesec.us/resources/cybersecurity-statistics/): Visual data and trends for planning.

## Learning Center
- [What Is a Virtual CISO?](https://purplesec.us/learn/what-is-a-virtual-ciso/): Role, benefits, and ROI.
- [Security Risk Assessment Guide](https://purplesec.us/learn/security-risk-assessment/): 8 steps for practical risk analysis.
- [XDR Explained](https://purplesec.us/learn/what-is-xdr/): What it is and how it improves visibility.
- [Penetration Testing Types](https://purplesec.us/learn/types-penetration-testing/): Black-box, white-box, physical, and more.
- [Common Network Vulnerabilities](https://purplesec.us/learn/common-network-vulnerabilities/): Threats targeting SMBs.
- [Patch vs. Vulnerability Management](https://purplesec.us/learn/patch-vs-vulnerability-management/): Key differences in scope.
- [Credentialed vs. Uncredentialed Scanning](https://purplesec.us/learn/credentialed-scanning-vs-uncredentialed-scanning/): Trade-offs in vulnerability discovery.
- [Automated Patch Management](https://purplesec.us/learn/automated-patch-management/): How automation improves uptime and security.
- [AI in Cybersecurity](https://purplesec.us/learn/ai-in-cybersecurity/): Benefits and future trends.
- [Preventing Ransomware](https://purplesec.us/learn/prevent-ransomware-attacks/): Controls and user training techniques.
- [Cybersecurity KPIs & Metrics](https://purplesec.us/learn/cybersecurity-metrics-kpis/): Measurement strategies for SOCs and CISOs.

## Breach Reports
- [Recent Cyber Attacks](https://purplesec.us/breach-report/): Timeline of major breaches.
- [Kaseya Ransomware Attack](https://purplesec.us/breach-report/kaseya-ransomware-attack-explained/): Breakdown of the REvil breach.
- [Microsoft Azure SSRF](https://purplesec.us/breach-report/microsoft-azure-ssrf-vulnerabilities/): Cloud exposure details.
- [Conti Ransomware](https://purplesec.us/breach-report/conti-ransomware-attack/): Government and healthcare targeting.
- [Dropbox Breach](https://purplesec.us/breach-report/dropbox-data-breach/): Insider attack through phishing.

## Company & Leadership
- [About Us](https://purplesec.us/about-us/): Mission and background.
- [Leadership – Joshua Selvidge](https://purplesec.us/about-us/leadership/joshua-selvidge/): Co-founder & Managing Partner.
- [Leadership – Jason Firch](https://purplesec.us/about-us/leadership/jason-firch/): President & CMO.
- [Leadership – Tom Vazdar](https://purplesec.us/about-us/leadership/tom-vazdar/): Chief AI Officer.
- [Case Studies](https://purplesec.us/case-studies/): Client impact across industries.
- [Editorial Process](https://purplesec.us/editorial-process/): Transparency and accuracy in content publishing.
- [Contact Us](https://purplesec.us/contact-us/): Request consultation or get in touch.

## Optional
- [All Learn Articles](https://purplesec.us/learn/): Full blog and guide index.
- [Policy Templates by Topic](https://purplesec.us/resources/cyber-security-policy-templates/information-classification/): Example — Info classification.
- [Sample Web App Pentest Report](https://purplesec.us/resources/sample-web-application-penetration-test-report/): Deliverable preview.
- [Leadership Team Directory](https://purplesec.us/about-us/leadership/): All bios.
- [Cybersecurity Experts](https://purplesec.us/cyber-security-experts/): Extended contributor list.
- [Privacy Policy](https://purplesec.us/privacy-policy/): Terms of data handling.
- [Terms of Service](https://purplesec.us/terms-of-service/): Legal usage and disclaimer.