CyberOne Assurance
Access Required
Incorrect username or password.

CyberOne Assurance LLC · Internal Use Only

Mission Control

Business Roadmap Progress Tracker

CyberOne Assurance LLC — tracking every milestone from formation to first client. Goal: first paying client by end of Q1 2028.

Overall Progress
0%
0Completed
0Remaining
0Total Tasks
Q1 2028Target Date
Phase 1

Foundation

Q3 2026 · Jul – Sep 2026 In Progress
0 / 0 complete
✅ Completed
LLC Formation — CyberOne Assurance LLC
Filed with Arkansas Secretary of State. Filing ID 998252, Transaction 144859146.
$45July 9, 2026
EIN — Employer Identification Number
EIN 42-3801799 issued via IRS Notice CP575G.
$0July 13, 2026
Primary Domain — cyberoneassurance.com
Purchased and live on Namecheap. Website deployed on Netlify with SSL.
~$15/yrJuly 2026
Defensive Domain — cyber1assurance.com
Purchased and parked to prevent competitor registration. Not in active use.
~$15/yrJuly 2026
Website — Live on Netlify with SSL
Informational / pre-launch site live at cyberoneassurance.com. SSL certificate active.
$0July 2026
M365 Business Tenant — CyberOne Assurance
Dedicated Microsoft 365 tenant configured for CyberOne Assurance LLC operations.
MonthlyJuly 2026
Logo Direction Decided
Crosshair + corner brackets icon. Colors: Midnight blue #042C53 (primary), Electric blue #378ADD (secondary), Ice blue #E6F1FB (tertiary). Circular badge format to be commissioned via Fiverr.
$0July 2026
🔲 This Week
Call AR State Police Regulatory Services
Call 501-618-8600. Ask whether solo penetration testing / vulnerability assessment requires a PI or private security license under Act 393. Get the answer in writing.
$0Urgent
Open Business Bank Account
Recommended: Novo Business Checking (novo.co) — $0/month, no minimums, free ACH, built-in invoicing, integrates with QuickBooks/Stripe. Have LLC docs + EIN ready. Runner-up: Relay (relay.fi).
$0Urgent
Start TryHackMe — Free Tier
Create a free account at tryhackme.com. Start the "Jr Penetration Tester" learning path. Do not pay yet — evaluate whether you're logging in consistently before subscribing.
$0Q3 2026
🔲 Within 30–60 Days
Get E&O / Cyber Liability Insurance Quotes
Contact Insureon, Hiscox, and TechInsurance. Request "technology E&O" + "cyber liability" quotes as a solo cybersecurity consultant. Quotes are free — get your real number before budgeting anything further.
$0 for quotesQ3 2026
Commission Final Logo on Fiverr
Search "circular badge logo cybersecurity" on Fiverr. Provide: crosshair + corner brackets icon, Guardian Forensics badge format reference, hex codes #042C53 / #378ADD / #E6F1FB, name "CyberOne Assurance."
$20–50Q3 2026
Upgrade TryHackMe to Premium (if using it)
Only upgrade if you are logging in consistently. Annual billing is better value: ~$108–140/year vs ~$14/month.
~$14/mo or $140/yrQ3 2026
Set Up Home Lab
Install VirtualBox (free) or VMware Workstation Player (free) on your current machine. Download Kali Linux (free). No additional hardware needed to start.
$0Q3 2026
🔲 Before Quarter Ends
Update Domain Registrant Info on Namecheap
Update cyberoneassurance.com registrant name from personal to "CyberOne Assurance LLC." Pay future renewals from the business bank account.
$0Q3 2026
Set Calendar Reminder — AR Franchise Tax
$150 annual franchise tax due May 1, 2027. Set a recurring calendar reminder. Pay from business bank account.
$150/yrDue May 1, 2027
Phase 2

Skill Building — Foundations

Q4 2026 · Oct – Dec 2026
0 / 0 complete
Purchase PJPT Exam Voucher
TCM Security Practical Junior Penetration Tester. Includes 12 months of Practical Ethical Hacking course (20+ hrs) + one exam attempt + one free retake. Vouchers do not expire. Purchase at certifications.tcm-sec.com/pjpt
$249TCM SecurityQ4 2026
Begin PJPT Study — Practical Ethical Hacking Course
Work through the included PEH course alongside TryHackMe Jr Penetration Tester path. Study pace: 1–2 hours/day weekdays. Target exam-ready by end of Q1 2027.
IncludedTCM SecurityQ4 2026
Build Active Directory Home Lab
Set up Windows Server + Windows 10 VMs in VirtualBox following the PEH course instructions. Windows Server evaluation licenses are free for 180 days. Minimum 16GB RAM required — budget for upgrade if needed.
$0 (or RAM upgrade)Q4 2026
Phase 3

Skill Building — PJPT & PNPT

Q1–Q2 2027 · Jan – Jun 2027
0 / 0 complete
Sit & Pass PJPT Exam
2 days to compromise an internal AD network + 2 days to write a professional pentest report. No CTF flags, no multiple choice. Real methodology. Result: first verifiable hands-on pentest credential + a real work-sample report.
PJPTTarget: Q1 2027
Purchase PNPT Exam Voucher
TCM Security Practical Network Penetration Tester. Includes 5 courses (45+ hrs: PEH, Windows PrivEsc, Linux PrivEsc, OSINT Fundamentals, External Pentest Playbook) + one exam attempt + one free retake. Purchase at certifications.tcm-sec.com/pnpt
$499TCM SecurityQ1–Q2 2027
Begin PNPT Study
Work through all five included courses. Key additions over PJPT: OSINT, external network testing, AV/EDR evasion, advanced lateral movement.
IncludedTCM SecurityQ1–Q2 2027
Buy E&O / Cyber Liability Insurance Policy
Use the quotes from Q3 2026. Must purchase before touching any live client system — even pro bono. This is not optional: it's what makes you insurable and hirable.
$400–800/yr est.Required before client workQ2 2027
Phase 4

PNPT & Portfolio

Q3 2027 · Jul – Sep 2027
0 / 0 complete
Sit & Pass PNPT Exam
5 days to compromise a simulated corporate network (OSINT → external → internal AD → domain controller) + 2 days for professional report + live 15-min debrief with TCM senior pentesters as "client." Result: professional credential, client-ready report template, live debrief experience.
PNPTTarget: Q3 2027
Add HackTheBox VIP
After PJPT + PNPT, HackTheBox's less-guided, more realistic machines are the right next sharpening step. Start with retired machines that have published walkthroughs.
~$14/moQ3 2027
Complete 2 Pro Bono / Discounted Engagements
Approach 1–2 very small local businesses or nonprofits. Requires: signed SOW, written authorization, active E&O insurance, rules of engagement. Goal: first real case study and reference. No exceptions on authorization.
Your timeQ3 2027
Update Website from Pre-Launch to Active
Remove pre-launch framing. Add PJPT + PNPT credentials. Add PTES, NIST SP 800-115, and OWASP Testing Guide references. Add final logo. Update services page with clear scope.
$0Q3 2027
Phase 5

Client Acquisition

Q4 2027 · Oct – Dec 2027
0 / 0 complete
Define First Target Client Profile
Most realistic first clients: SMBs (50–500 employees) with compliance pressure (HIPAA, CMMC, cyber insurance) who can't afford a large firm. Target verticals: healthcare clinics, small defense contractors, credit unions, regional law firms.
$0Q4 2027
Build Referral Network
Most realistic path to first client is through MSSP contacts, not cold outreach. Former colleagues, IT directors at prior MSSP client companies, and local MSPs who need to refer out pentest work are your warmest leads.
$0Q4 2027
Join Local Professional Communities
Arkansas InfraGard (FBI-affiliated, free), ISACA Little Rock chapter, ISSA chapter if active in AR. These are where IT directors and security managers who buy services go. Show up before you're selling.
Free–LowQ4 2027
Begin Warm Outreach
Email or call the 5–10 most relevant contacts from MSSP history. Frame as reconnecting. Tell them CyberOne Assurance is now doing independent pentesting and vulnerability assessments. Ask if they know anyone who might need it.
$0Q4 2027
Prepare Rate Card & Scope of Work Template
Starting rates: $1,500–4,000 for external vulnerability assessment; $3,000–8,000 for internal network pentest. SOW template must include: targets, testing window, rules of engagement, emergency stop procedure, point of contact.
$0Q4 2027
Phase 6

🎯 First Client

Q1 2028 · Jan – Mar 2028
0 / 0 complete
Sign First Engagement — SOW + Rules of Engagement
Signed scope of work and written authorization from someone with authority to grant it. No testing begins without both documents signed. No exceptions, ever.
Required firstQ1 2028
Deliver First Pentest or Vulnerability Assessment
Execute the engagement within the signed scope. Follow PTES / NIST SP 800-115 methodology. Document everything as you go.
Q1 2028
Deliver Professional Report
Executive summary (written for non-technical decision-makers) + technical findings appendix with CVSS-style risk ratings and reproduction steps + prioritized remediation list ranked by real-world impact.
Q1 2028
Conduct Client Debrief
Present findings live to the client. You have already practiced this format in the PNPT exam debrief. Explain what was found, how it was found, and why it matters — in plain English for leadership.
Q1 2028
Request Testimonial / Case Study Permission
Ask the client if they're willing to be featured as a case study on the website. Anonymized is fine if they prefer. First case study is critical social proof for the next client.
Q1 2028
Phase 7

Long-Term Growth

2028 & Beyond
0 / 0 complete
OSCP / PEN-200 — OffSec
Industry gold standard. Most requested pentest cert by name in enterprise and government job postings. 23h45m hands-on exam + 24h report. PJPT + PNPT gets you through the SMB door; OSCP opens the enterprise door. Fund from business revenue.
$1,749OffSec2028+
File Federal Trademark — "CyberOne Assurance"
Search tmsearch.uspto.gov first, then file at uspto.gov/trademarks. Deferred due to budget — file once business has revenue. Protects the brand federally across all 50 states.
$250–350/class2028+
Annual Arkansas Franchise Tax
$150/year due May 1 every year. Pay from business bank account. First payment due May 1, 2027.
$150/yrMay 1 annually