From kickoff to steady-state.
In thirty days.
Every OwlEye engagement runs the same eight-phase onboarding — scoped, written down, owned by a named team, and signed off in stages. No surprises in week five. No mystery owners at 3 a.m.
Written down. Signed off. Phase by phase.
Kickoff & Scoping
Executive intro call with your named Engagement Lead and SOC Shift Lead. We confirm in-scope properties, environments, traffic profile, compliance regime (SOC 2 / HIPAA / PCI / GDPR / NIS2), and the RACI you’ll sign.
Discovery & Access
Read-only audit of every WordPress estate in scope: core/theme/plugin inventory, hosting, DNS, CDN, WAF, mail, identity, integrations, and current backup posture. Access provisioned via least-privilege, time-bound, MFA-enforced credentials.
Baseline Forensics
Full forensic baseline before we change a single file. We diff core, theme, and plugin trees against canonical sources, scan for known IoCs, surface unauthorized admins, audit cron and webhooks, and stand up our telemetry pipeline.
Hardening Plan
Written hardening plan tailored to your estate: WAF policy, virtual patches for any open CVEs, plugin consolidation, secrets rotation, TLS posture, headers, file-system permissions, and a kill list of dormant or unmaintained code.
Migration to Hardened Hosting
Estate is migrated into our hardened, containerized hosting: per-client database, read-only application containers, encrypted backups, edge WAF, DDoS scrubbing, and managed TLS. Done in a parallel environment — your live site never goes dark.
Production Cutover
DNS cutover under change control with your team in the room. Pre-checks, go/no-go, traffic shift, post-checks, and a 24-hour heightened-watch window with the SOC on standby. Documented rollback at every step.
Runbook, Training & Handover
Your written runbook is delivered: contacts, severity matrix, on-call paths, change windows, approval chains, and the audit pack template. Working sessions with your in-house team so everyone knows who calls whom at 3 a.m.
Steady-State Operations
You enter steady state: 24/7 SOC monitoring, 10-business-day patch SLA, hourly encrypted backups, quarterly restore drills, monthly executive reporting, and on-demand audit evidence packs. Same named team. Forever.
What we need. What you get.
From your team
From OwlEye
Ready to scope your onboarding?
We’ll book a 45-minute scoping call with the Engagement Lead who would own your estate and walk you through the runbook day by day.