Productised Services

Focused security services with clear scope and clear outputs.

Koru Security is structured around defined reviews and short advisory engagements. Each service is designed to solve a specific problem with agreed scope, practical outputs, and a realistic path to remediation.

Service

SME Security Health Check

A fast view of the biggest security gaps and the highest-value next steps.

From NZ$3,250 + GST
Best for: NZ SMEs with limited internal security capability
Timeline: Delivered in 1 week
Pricing: Fixed-scope review with a clear upfront price for standard SME environments.

What is included

  • Review of core controls across identity, endpoint, backups, external exposure, and basic incident readiness
  • Short findings report with practical remediation priorities
  • Debrief call to walk through what matters first

Deliverables: Concise findings summary, prioritised action plan, and follow-up recommendations

Service

Microsoft 365 Security Review

Clear remediation priorities across identity, email, access, and tenant configuration.

From NZ$4,900 + GST
Best for: Businesses using M365 as a core business platform
Timeline: Delivered in 1 to 2 weeks
Pricing: Starting price for a standard tenant review. Broader estates are quoted upfront.

What is included

  • Review of identity controls, MFA posture, privileged access, and conditional access approach
  • Assessment of Exchange Online, Defender, and common tenant hardening gaps
  • Practical recommendations matched to business risk and operational effort

Deliverables: Findings report, priority remediation list, and decision guidance for the tenant

Service

Security Architecture Review

Independent security input before risk gets locked into implementation.

From NZ$5,900 + GST
Best for: Technical teams making high-impact cloud, SaaS, network, or platform decisions
Timeline: Delivered in 1 to 2 weeks
Pricing: Starting price for a focused design review. Larger or multi-stream reviews are quoted upfront.

What is included

  • Threat-informed review of the proposed design or implementation approach
  • Assessment of control coverage, trust boundaries, and material design risks
  • Practical recommendations that support delivery rather than block it

Deliverables: Architecture review summary, risk observations, and implementation guidance

Service

Security Roadmap Sprint

A sequenced plan aligned to risk, effort, and business context.

From NZ$4,250 + GST
Best for: Businesses that know security needs attention but need clarity on what to do first
Timeline: Delivered in 1 to 2 weeks
Pricing: Starting price for a bounded sprint with agreed scope and inputs.

What is included

  • Review of current control maturity, material risks, and delivery constraints
  • Prioritisation of short-term and medium-term improvements
  • Roadmap recommendations designed for realistic execution

Deliverables: Prioritised roadmap, immediate next actions, and delivery guidance

NZ Market Context

Why a low-friction review model works for smaller businesses

NZ's NCSC reported that 53% of New Zealand small to medium businesses experienced a cyber threat in the first half of 2025, up from 36% in the previous survey.

That supports a small, practical review model for NZ businesses: identify the highest-value improvements early, avoid heavyweight consulting, and focus on changes that can actually be implemented.

Engagement Model

How these services are delivered

If you need broader or ongoing support after the initial review, services can extend into fractional advisory work with the same emphasis on clear priorities and practical delivery.

Next Step

Discuss the service that fits best

If you know the problem you need solved but want to keep the engagement tight, start with a discovery call and choose the most suitable review.

Book a Discovery Call About Stewart