Breach Craft

BACKGROUND

Please describe your company and position.

 I am the AE of an information technology company 

Describe what your company does in a single sentence.

Ours is an IT consulting and managed services provider that helps businesses design, implement, and manage technology solutions across areas like cybersecurity, cloud, networking, and data centers.

OPPORTUNITY / CHALLENGE

What specific goals or objectives did you hire Breach Craft to accomplish?

• Breach Craft was engaged to perform a CISA Cross-Sector Cybersecurity Performance Goals (CPG) 2.0 gap assessment to evaluate current security posture and identify areas for improvement against industry benchmarks.

SOLUTION

How did you find Breach Craft?

Referral

Why did you select Breach Craft over others?

• High ratings
• Good value for cost
• Referred to me
• Company values aligned

How many teammates from Breach Craft were assigned to this project?

2-5 Employees

Describe the scope of work in detail. Please include a summary of key deliverables.

The engagement involved performing a cybersecurity gap assessment aligned with the CISA Cross-Sector Cybersecurity Performance Goals (CPG) 2.0 framework. The scope includes evaluating governance, risk management, and technical controls across multiple sites, identifying gaps, and prioritizing remediation actions. Key deliverables include an initial kickoff, discovery and analysis sessions, comprehensive assessment reports for each site, and an executive summary presentation with a remediation roadmap. The project emphasizes interviews, documentation review, and alignment with NIST CSF functions to strengthen overall security posture.

RESULTS & FEEDBACK

What were the measurable outcomes from the project that demonstrate progress or success?

The project established a quantified baseline against CISA CPG 2.0/NIST CSF and documented gaps by severity, demonstrating clear movement toward regulator‑desired outcomes. It delivered a time‑bound remediation roadmap with prioritized actions, accountable owners, and target dates, plus the evidence artifacts needed for audits. 

Describe their project management. Did they deliver items on time? How did they respond to your needs?

Project management was structured and proactive, with a single point of contact coordinating milestones, risks, and weekly status updates. All deliverables were completed on schedule, and the team adhered to the agreed timeline. Communication was clear, professional, and responsive to needs. When dependencies or clarifications arose, the team adjusted efficiently.

What was your primary form of communication with Breach Craft?

• Virtual Meeting
• Email or Messaging App

What did you find most impressive or unique about this company?

The most impressive aspect was their ability to combine deep cybersecurity expertise with a highly structured and transparent engagement process. Their approach to aligning assessments with recognized frameworks, while providing a clear remediation roadmap, demonstrated both technical rigor and strategic foresight. Additionally, their responsiveness and commitment to clear communication throughout the project set a strong standard for professionalism and client partnership.

Are there any areas for improvement or something Breach Craft could have done differently?

At this time I don't see any areas for improvement.

BACKGROUND

Please describe your company and position.

I am the VP of IIT of Anne Arundel Community College

Describe what your company does in a single sentence.

Anne Arundel Community College (AACC) is a top-ranked, public, two-year institution in Arnold, Maryland, founded in 1961. Known as the largest single-campus community college in Maryland, it offers over 225 programs and 3,500+ courses to roughly 50,000 credit/noncredit students, featuring a 17:1 student-faculty ratio and specializing in STEM, health care, and transfer pathways.

OPPORTUNITY / CHALLENGE

What specific goals or objectives did you hire Breach Craft to accomplish?

• Structured penetration testing engagement
• Covered core phases including planning, reconnaissance, vulnerability analysis, exploitation, and reporting
• validate security controls, uncover exploitable risks across relevant systems, and provide practical next steps to strengthen our overall security posture.

SOLUTION

How did you find Breach Craft?

Referral

Why did you select Breach Craft over others?

• High ratings
• Pricing fit our budget
• Great culture fit
• Good value for cost
• Company values aligned

How many teammates from Breach Craft were assigned to this project?

2-5 Employees

Describe the scope of work in detail. Please include a summary of key deliverables.

BreachLock delivered a structured penetration testing engagement that simulated real-world cyberattacks to identify security weaknesses before they could be exploited. The project covered core phases including planning, reconnaissance, vulnerability analysis, exploitation, and reporting, resulting in clear findings and actionable remediation guidance. Their work helped validate security controls, uncover exploitable risks across relevant systems, and provide practical next steps to strengthen our overall security posture.

RESULTS & FEEDBACK

What were the measurable outcomes from the project that demonstrate progress or success?

BreachLock conducted a well-structured penetration testing engagement that helped us identify and validate exploitable security weaknesses before they could become larger issues. Their team moved methodically through scoping, reconnaissance, vulnerability analysis, exploitation, and reporting, and delivered findings in a way that was both clear and actionable. As a result of the engagement, we gained measurable value in several areas: identified priority vulnerabilities requiring remediation, validated the effectiveness of existing security controls, improved visibility into our attack surface, and equipped our team with specific steps to reduce risk. The final deliverables gave us a stronger foundation for remediation planning, better alignment around security priorities, and greater confidence in our overall security posture.

Describe their project management. Did they deliver items on time? How did they respond to your needs?

BreachLock was a dependable and professional partner throughout the engagement. They delivered the project on time, stayed on budget, and were reliable from start to finish. Their team communicated clearly at every stage of the process, set expectations well, and kept us informed as the work progressed. We especially appreciated how detailed and organized they were in both execution and reporting.

From a value perspective, they were also cost-effective. The engagement provided strong return for the investment by delivering meaningful findings, practical recommendations, and a clear path forward for remediation. Their team was responsive, thorough, and easy to work with, which gave us confidence throughout the project. Overall, BreachLock combined technical expertise with strong project management and consistent communication, making them a trusted and effective partner.

What was your primary form of communication with Breach Craft?

• In-Person Meeting
• Virtual Meeting
• Email or Messaging App

What did you find most impressive or unique about this company?

BreachLock was an outstanding partner. Their team is smart, highly skilled, and made up of deeply technical experts who clearly understand both the strategic and operational sides of penetration testing. Throughout the engagement, they demonstrated a strong command of the work, approached the project with professionalism and precision, and delivered high-quality results we could trust.

They were reliable, detail-oriented, and strong communicators from beginning to end. The project stayed on time and on budget, and their reporting was clear, thorough, and actionable. Just as important, they were cost-effective and dependable, giving us real confidence that the investment was worthwhile. Overall, BreachLock brought the right mix of technical depth, responsiveness, and professionalism, and we were very impressed with their work.

Are there any areas for improvement or something Breach Craft could have done differently?

Great engagement. No issues or concerns from our team. 

BACKGROUND

Introduce your business and what you do there.

I’m the global director of Actualize Consulting. We provide management and automation solutions for financial functions, specializing in capital markets, mortgage, fixed income, and treasury operations for financial institutions and government entities.

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with Breach Craft?

We needed help with internal and external penetration testing.

SOLUTION

What was the scope of their involvement?

Breach Craft provided internal and external penetration testing for our entire firm. They shared their findings and walked us through how to resolve the issues. The team also provided PDF reports.

What is the team composition?

We worked with 2–5 teammates from Breach Craft.

How did you come to work with Breach Craft?

Someone referred Breach Craft to me. I chose them over other options because their pricing fit our budget, they were a great culture fit, and their company values aligned with ours.

What is the status of this engagement?

We worked together from February to March 2026.

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

We had no findings after the project. We were also happy with their handling of the project.

How did Breach Craft perform from a project management standpoint?

Breach Craft delivered on time. We primarily communicated via virtual meetings, emails, and messaging apps.

What did you find most impressive about them?

Breach Craft provided one-on-one time to get to know their team. They were also interested in our unique company setup. Overall, they were very positive throughout the project.

BACKGROUND

Introduce your business and what you do there.

I'm the founder of Cyberblack, a cybersecurity consulting firm offering technical innovative solutions and tools for commercial, government, and personal clients to identify, detect, and automate responses to security threats.

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with Breach Craft?

We needed help with technical penetration testing and cybersecurity assessments.

SOLUTION

What was the scope of their involvement?

Breach Craft provided internal and external penetration testing for a city/state entity. The team also conducted Nessus vulnerability scanning, developed penetration test reporting and vulnerability reporting, interfaced with the client, and led the penetration testing team. The main deliverables were a final report for penetration testing that included both internal and external testing. The team also developed a vulnerability assessment and assisted in the deliverable for the NIST 800-53 assessment.

What is the team composition?

We worked with one teammate from Breach Craft.

How did you come to work with Breach Craft?

 Breach Craft was referred to me, and their company values aligned with ours. I also had network trust and confidence in them after many discussions on resourcing help with Cyberblack.

What is the status of this engagement?

We worked together from March 2025–May 2025.

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

We considered the project a success because of the testing successes, client satisfaction, and great communication. Breach Craft identified a critical vector of attack and vulnerability otherwise unknown to the client. The client took actions and followed the recommendations provided by the Cyberblack/Breach Craft team.

How did Breach Craft perform from a project management standpoint?

Breach Craft's project management was great. The team had good communication and efficient usage of meetings and time. They delivered on time and ahead of schedule. We communicated via virtual meetings, email, and messaging apps.

What did you find most impressive about them?

We were impressed by the ease of partnership, great communication, high technical skillset, innovation, and collaboration. The team was also good at providing technical explanations for the client in simple terms.

Are there any areas they could improve?

I didn't think there was anything they could improve on.

BACKGROUND

Introduce your business and what you do there.

I’m the customer success manager of a company that provides cybersecurity consulting, secure IT engineering, managed security services, and staffing solutions to help businesses build and maintain robust cybersecurity programs.

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with Breach Craft?

We needed help with project outsourcing.

SOLUTION

What was the scope of their involvement?

Breach Craft provided high-touch penetration testing and risk assessment services. The team also delivered reports and recommendations in a short timespan.

What is the team composition?

We worked with 2–5 teammates from Breach Craft.

How did you come to work with Breach Craft?

Someone referred Breach Craft to me. I chose them over other cybersecurity service providers because they had high ratings, a great culture fit, and aligned company values.

What is the status of this engagement?

We worked with Breach Craft from December 2025 to January 2026.

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

Breach Craft's work increased our project closure rate.

How did Breach Craft perform from a project management standpoint?

Breach Craft's project management was very timely. The team consistently updated us throughout the process. We communicated via virtual meetings, emails, and messaging apps.

What did you find most impressive about them?

Breach Craft's availability, professionalism, and kindness were impressive.

Are there any areas they could improve?

I can't think of anything for Breach Craft to improve.