The Architecture & DevSecOps audit is a flat €3,000, delivered in 2 weeks. The monthly retainer is €1,000/month with no duration commitment. Specialized engagements (IAM redesign, Landing Zone, SOC2 prep) are quoted after a scoping call.

2 weeks from kick-off to deliverable. Concretely: week 1 = mapping + interviews, week 2 = analysis + prioritized action plan. You walk away with an operational document, not slideware.

Three classic moments: (1) the AWS bill exceeds €10K/month and nobody knows why, (2) a SOC2 or ISO 27001 audit is announced for the next 6 months, (3) the multi-account architecture is collapsing under growth pressure. If you recognize yourself, it’s the right time.

Directly, exclusively with your engineering team. No subcontracting, no partner firm. That’s what keeps the rigor and speed. Pricing reflects this delivery model.

Yes, via a dedicated IAM role with read-only permissions by default, extended only if needed. Everything is traced in CloudTrail, MFA mandatory, access revoked on mission end day. No long-lived access keys.

For the FinOps audit specifically, we commit to identifying savings at least 3× the audit price over 12 months — otherwise we refund the difference. For security or architecture engagements, ROI shows up as avoided risk — less direct, but documented in the deliverable.

No, AWS exclusively. It’s our core expertise and it’s what lets us deliver at large-firm level on sharp topics (SCPs, Identity Center, Control Tower, custom Config rules). For Azure or GCP, we redirect to other firms.

Under NDA for most. During a scoping call, we can share 2-3 anonymized cases matching your industry and size. For named references, it’s possible after a follow-up call and NDA signature.