Real-world results
Case Studies
Anonymized engagements that illustrate how Tusk Cyber approaches real problems — and what the outcomes look like.
Building a Security Program from Zero for a Series A SaaS
Problem
The company had a working product and paying enterprise customers — but no formal security program, no documented controls, and an upcoming SOC 2 Type I audit on a six-month deadline. The engineering team was small and couldn't afford to stop shipping to focus on compliance.
Approach
Started with a gap assessment against SOC 2 Trust Services Criteria to understand where the biggest risks and gaps were. Prioritized controls by audit impact and actual risk, not just checkbox status. Worked directly with the CTO and engineering lead to design controls that fit their existing tooling rather than requiring a full platform migration.
Solution
Delivered a lightweight security program covering access management, change management, availability, and incident response. Implemented automated evidence collection via GitHub Actions and AWS Config. Wrote policy documents the team could actually maintain. Coordinated the pentest procurement and remediation cycle.
Impact
AWS Cost Reduction and Infrastructure Hardening for a Fast-Growing E-Commerce Company
Problem
AWS spend had grown to nearly $40K/month — more than 3x what it should have been for their workload size. The infrastructure had been built fast during a growth sprint and never revisited. There were also multiple open security findings from a recent pentest that had been deprioritized.
Approach
Started with a two-week audit of the AWS environment: EC2 sizing, RDS configurations, S3 storage classes, data transfer patterns, and NAT gateway usage. Ran the findings against actual traffic patterns to separate true over-provisioning from needed headroom. Simultaneously triaged the pentest findings by exploitability and blast radius.
Solution
Right-sized the EC2 fleet, implemented auto-scaling groups with proper warm pools, migrated cold S3 data to Glacier Intelligent-Tiering, and eliminated redundant data transfer via VPC endpoint configuration. Remediated the top 9 pentest findings, including two that exposed internal service endpoints to the internet.
Impact
Zero Trust Implementation and HIPAA Alignment for a Growing Healthtech Company
Problem
A remote-first healthtech company was operating with a largely flat network and wide-open lateral movement between segments. After an internal red team exercise flagged serious credential-based attack paths, leadership decided it was time to rebuild access on zero trust principles. They also needed to close gaps for an upcoming HIPAA review.
Approach
Mapped existing identity, device, network, and application access flows before touching anything. Identified the highest-risk access paths — particularly around PHI stores and internal admin tooling. Designed a phased implementation to avoid disrupting the engineering team's ability to ship.
Solution
Deployed Okta with hardware-backed MFA and device trust policies. Implemented network segmentation separating PHI workloads from general engineering infrastructure. Replaced shared service credentials with machine identity (short-lived tokens via Vault). Built an access review process that runs quarterly without requiring a full-time security engineer.
Impact