Managed Security + IT · Small Business

Hard.Sharp.Resilient.

CyberObsidian is managed security and IT for small businesses — endpoint protection, monitoring, incident readiness, and framework-aligned reporting, delivered with founder-led accountability and a service model built to grow with your business.

Request an assessment →What we do

ob·sid·i·an /ˈɒbsɪdiən/ — volcanic glass. hard, sharp, Resilient.

What we do

Security administration, run with discipline.

The work small businesses rarely have the time or in-house team to do well — delivered with direct founder oversight and grounded in established frameworks.

Endpoint

Managed endpoint security

SentinelOne EDR deployed and managed across mixed Mac and Windows fleets — detection, response, and policy kept current, not set-and-forgotten.

Detection

Monitoring & response

Managed detection and response backed by SentinelOne and Huntress, with containment and remediation provided according to the coverage defined for each engagement.

Posture

Assessment & reporting

Security posture mapped to NIST CSF and CIS Controls, reported in plain language so you can see exactly where you stand and what to fix next.

Devices

Device & endpoint management

Apple Business Manager, standard Mosyle environments, Windows administration, application deployment, and asset inventory — the fleet kept consistent and accounted for.

Identity

Identity & access operations

Account lifecycle, access, and offboarding across Microsoft 365 and Google Workspace — the highest-leverage controls, handled correctly.

Governance

AI governance

AI usage policy, shadow-AI controls, and AI risk assessment — bringing the same framework discipline to how your team adopts AI tools.

New

The approach

Obsidian is volcanic glass — formed under pressure, hard, and sharp. The work carries the same promise: disciplined defense, built to hold.

AccuracyI report what I can prove. No inflated metrics, no theater — in marketing and in reporting alike.

Defense firstGrounded in NIST CSF and CIS Controls. Protecting and detecting comes before anything else.

Plain languageFindings in plain English. Clear explanations and actionable reporting, not a wall of acronyms.

DiscretionPrivileged access, handled seriously. Sensitive data and admin rights get the care they demand.

AccountabilityFounder-led accountability. You know who is responsible for the work, with clear ownership as CyberObsidian grows.

Security model

The fundamentals stay at the center.

CyberObsidian keeps security grounded in the CIA triad: protect sensitive data, preserve trust in systems, and keep the business operating when pressure hits.

Select any node to explore each principle.

Who it's for

Small teams that need real security, not a bigger headache.

Outsourced, accountable security administration for businesses that don't have — and don't want to build — an internal security team.

Mixed Mac & Windows shops

Creative agencies, media teams, and nonprofits running both platforms — environments where consistent management across Mac and Windows matters.

1–50 employees

Large enough to be a target, small enough that one disciplined operator can know the whole environment cold.

Owners who want clarity

You want to know where you stand against a real framework — and you want someone who answers for the answer.

FAQ

Common questions

Answers to what most people ask before reaching out.

Is my business too small to be a target?

How does pricing work?

What does getting started look like?

Is everything remote, or can you come on-site?

What kind of commitment is required?

Start here

Request an assessment.

A short call and a look at your current setup — endpoints, identity, and where you stand against NIST CSF and CIS Controls. No obligation, no pressure, plain-language findings.