Thank you!
We will contact you shortly
-FAQS-
General Questions About HUME-IT
What does HUME-IT specialize in?
HUME-IT specializes in security configuration assessments for Microsoft Active Directory, Microsoft Entra ID, and VMware vSphere environments. We are actively developing additionalassessments for platforms including Microsoft Azure and Amazon Web Services (AWS). Our goal is to identify security misconfigurations, assess risk exposure, and provide clear, actionable recommendations to strengthen your security posture.
How is HUME-IT different from other security firms?
We go beyond compliance checklists and deliver deep technical assessments that focus on real security risks. Our findings are based on real-world attack paths and are mapped to vendor
security best practices.
What industries does HUME-IT serve?
We work with enterprises, financial institutions, healthcare, technology companies, and government agencies that require advanced security assessments.
Do you offer ongoing security support, or just one-time assessments?
Our Security Configuration Posture Assessments (SCPA) are more than standalone services. We complement them with:- Remediation Planning & Consulting to help you fix identified issues- Remediation Validation to verify improvements- Retainer-based security advisory services through our Information Security Technology Advisor (ISTA) program
Security Configuration Posture Assessments (SCPA)
What platforms do you assess?
We offer SCPA services for:
- Active Directory (AD-SCPA)
- Microsoft Entra ID (MS-EID-SCPA)
- VMware vSphere (VM-SCPA)
- AWS IaaS & IAM (Coming Soon)
- Azure IaaS (Coming Soon)
How long does an assessment take?
Small environments: 1–2 weeks
Medium environments: 3–4 weeks
Large environments: Custom scoped
What kind of compliance frameworks do you align with?
Our assessments align with:
- NIST 800-53 / Cybersecurity Framework (CSF)
- ISO 27001
- CIS Benchmarks
- CMMC
- PCI DSS
- Platform-Specific Guidance: Microsoft, AWS, and VMware security best practices
Will the assessment impact our production environment?
No. Our assessments are read-only and non-intrusive, using telemetry gathering and security reviews. There is no downtime or disruption to production systems.
Remediation and Validation Services
Do you provide remediation services?
Yes! We offer:- Advisory Remediation Support (guidance on remediation efforts)
- Hands-on Remediation (additional scoping required)
- Remediation Validation (a second review after fixes are implemented)
Can we purchase block hours for remediation help?
Yes, we offer a flexible advisory support model where clients can pre-purchase a set number of hours for remediation assistance. These hours can be used for guidance, troubleshooting, and
security advisory services as needed. Pre-purchased hours are valid for a set period to ensure timely utilization and effective remediation efforts.
Ongoing Security Advisory (ISTA)
What is the ISTA service?
The Information Security Technology Advisor (ISTA) service provides ongoing security consulting for architecture, strategy, and security assessments.
How does ISTA differ from an SCPA?
An SCPA offers a snapshot in time, while ISTA provides ongoing, retainer-based advisory support to help guide long-term security planning and decision-making.
Lets Work Together!
Still have questions about our services or how we can support your security goals? Contact us and we’ll be happy to assist.