Globe-America Consulting · SDVOSB · Fort Worth, TX
Managed Security Services
Purpose-built for small-to-mid defense contractors who need ongoing security oversight without enterprise MSSP overhead. Globe-America operates as an External Service Provider (ESP) under your CMMC program — delivering policy-driven security monitoring, advisory, and governance through enterprise-grade platforms without requiring access to your Controlled Unclassified Information.
Advisory-first. No CUI access. We provide oversight, advisory, and governance — we do not deploy agents on your systems or handle CUI. Your existing IT team stays in place. We add the CMMC-native security advisory layer they don't have, backed by platforms that carry their own CMMC and FedRAMP credentials.
Our Platform
Three Integrated Security Capabilities
Globe-America's managed security program is powered by three enterprise-grade platforms, each purpose-built for the controls they support. Each carries its own CMMC credentials — the technical compliance burden falls on the platforms, not just your policies.
📊
SIEM & Log Management
Audit · Detection · XDR
✓Audit & Accountability: AU 3.3.1–3.3.9
✓Incident Response: IR 3.6.1–3.6.2
✓Continuous Monitoring: CA 3.12.3
✓75+ integrations, unlimited log ingestion
✓Automated threat detection and guided response
CMMC Level 2 Ready
🛡
MDR / EDR / Vulnerability
Detection · Response · Scanning · Insurance
✓24/7 AI + human-led managed detection and response
✓Vulnerability scanning — CMMC 3.11.2
✓Email security with AI-driven phishing protection
✓Identity, cloud, and dark web monitoring
✓Cyber insurance — up to $3M coverage available
Built for SMB MSPs
🔒
CUI Encryption & Secure Comms
Encryption · File Sharing · Email
✓102 of 110 NIST 800-171 controls supported
✓FedRAMP Moderate Equivalent — first CSP certified
✓FIPS 140-2/140-3 end-to-end encryption
✓Sovereign hosting on U.S. Government cloud
✓60+ clients have achieved 110/110 CMMC scores
FedRAMP Moderate Equiv.
$2K–$5K
Market Rate / Month (SMB)
Industry average for small business full-service MSSP — Globe-America is priced below market for advisory-only model
$20–$75
Per Endpoint / Month
Market range for full-deployment MSSP — advisory model justifies lower pricing
89%
SMBs Needing Cyber Insurance
Only 26% have it — Globe-America provides access to affordable coverage through our MSSP program
$3M
Max Insurance Coverage
Available through Globe-America MSSP clients — posture-based eligibility, no lengthy questionnaires
Service Packages
Three Managed Security Tiers
12-month minimum on all packages. Month-to-month after minimum period. Base pricing covers environments up to 50 endpoints / 25 users.
🛡
Bronze · Entry Level
WatchPost
Baseline CMMC-aligned security oversight for Level 1 contractors and organizations establishing their compliance posture
$1,500 – $2,500
per month · 12-month minimum
Per-endpoint: $18–$22/endpoint/month
Base covers: Up to 25 endpoints
Included
- ✓Monthly security posture review call
- ✓SIEM oversight — alert advisory and monthly log review
- ✓MDR advisory — alert interpretation and escalation guidance
- ✓Vulnerability scan review — monthly findings and prioritization (CMMC 3.11.2)
- ✓SPRS maintenance and annual affirmation support
- ✓Security policy maintenance — annual review
- ✓Incident response plan development
- ✓CMMC 14-domain quarterly control check
- ✓Security awareness training advisory
- ✓Cyber insurance — eligibility review and enrollment support
- —Bi-weekly calls (upgrade to CyberGuard)
- —24x7 SOC/MDR escalation (upgrade to Sentinel)
Best For
Level 1 contractors, early compliance stage organizations, and advisory clients adding a security oversight layer.
🛡🛡
Silver · Standard
CyberGuard
Active SIEM and MDR oversight with full CMMC integration for Level 2 contractors with active CUI environments
$3,000 – $5,500
per month · 12-month minimum
Per-endpoint: $25–$35/endpoint/month
Base covers: Up to 50 endpoints / 30 users
Everything in WatchPost, Plus
- ✓Active SIEM management — log triage, alert escalation, bi-weekly review
- ✓Active MDR monitoring — identity, endpoint, email, cloud unified view
- ✓Bi-weekly security review calls (2x/month)
- ✓Monthly DIB threat intelligence briefing
- ✓IR tabletop exercise — annual
- ✓SSP quarterly review and update support
- ✓POA&M integration with security findings
- ✓Supply chain security advisory — DFARS 7021 flow-down
- ✓Cyber insurance — enrollment + annual review
- ~24x7 SOC/MDR escalation available as add-on ($12–$20/asset/mo)
Best For
Level 2 contractors with active CUI environments needing continuous oversight between compliance engagements.
🛡🛡🛡
Gold · Full Coverage
Sentinel
Full-spectrum security program with 24x7 MDR advisory, DFARS incident reporting support, and executive reporting for prime contractors
$6,000 – $10,000
per month · 12-month minimum
Per-asset: $12–$20/monitored asset/month
Base covers: Up to 75 endpoints / 50 users
Everything in CyberGuard, Plus
- ✓24x7 MDR advisory oversight — continuous monitoring with escalation layer
- ✓Weekly security briefings — dedicated advisor availability
- ✓Incident response on-call advisory — 4-hour response SLA
- ✓DFARS 72-hour reporting support — documentation and notification advisory
- ✓Monthly executive security dashboard and board-ready reporting
- ✓Annual penetration test advisory — scope, vendor selection, findings review
- ✓Full supply chain security program — sub vetting and continuous oversight
- ✓Pre-assessment annual security readiness review
- ✓Priority scheduling and dedicated advisor direct line
- ✓Cyber insurance — enrollment, coverage review, annual renewal management
- ✓Combined discount with Tier 1 compliance retainer
Best For
Prime contractors, Tier 1 retainer clients, and organizations with complex multi-contract CUI environments.
Revenue Opportunity
Cyber Insurance — Included with Every MSSP Package
The Problem
89% of SMBs recognize cyber insurance as a necessity — only 26% have it. Most are blocked by complex eligibility requirements and lengthy underwriting questionnaires. Globe-America eliminates that barrier.
If you're enrolled in a Globe-America MSSP package, your security posture is already monitored and documented. That's all that's needed to assess coverage eligibility — no separate process.
Coverage Details
Up to $3M coverage available across most US states. Includes:
✓Media content liability
✓Hardware replacement coverage
✓Ransom payment coverage
✓Competitive, posture-based pricing
✓Previously uninsurable businesses can qualify
Why It Matters
Three layers of protection in one relationship. A client enrolled in a Globe-America MSSP package is covered at the security layer (monitoring), the compliance layer (CMMC advisory), and the financial layer (insurance). That's the most resilient posture a small defense contractor can have — and it's delivered through a single point of contact.
CMMC compliance reduces your risk profile. A lower risk profile means more favorable insurance terms. The two reinforce each other.
Optional Add-Ons
A La Carte Services
Any service below can be added to any package or purchased standalone. Monthly pricing unless noted.
🔥
Managed EDR Advisory
$14–$22 per endpoint/month
Policy review, alert advisory, and configuration guidance for your endpoint detection and response platform. Includes monthly findings summary and remediation prioritization.
📊
Managed SIEM Advisory
$1,500–$3,500/month standalone
Log review, alert triage guidance, and escalation advisory. Monthly findings report and remediation prioritization included. Volume pricing available for larger environments.
🌎
24x7 MDR Advisory Oversight
$12–$20 per monitored asset/month
Continuous managed detection and response monitoring with Globe-America escalation layer. Includes DFARS 72-hour incident reporting advisory. Add-on for WatchPost or CyberGuard; included in Sentinel.
🔍
Vulnerability Management Advisory
$500–$1,000/month standalone
Monthly scan review, CVSS prioritization, and remediation tracking advisory. Supports CMMC 3.11.2 compliance. Standalone option for clients not on a full MSSP package.
🔒
Email Security Advisory
$300–$600/month
Email security platform policy review and configuration advisory. Phishing simulation program guidance and security awareness training advisory included.
⚙
Incident Response Retainer
$800–$1,500/month
On-call IR advisory with 4-hour response guarantee. DFARS 72-hour notification support and documentation advisory included. Overage at $300/hr.
👥
Security Awareness Training
$400–$800/month
Managed security awareness training program with phishing simulation. Tracks completion for CMMC requirements and generates assessor-ready evidence.
📄
Penetration Test Advisory
$1,500–$3,000 one-time
Scope definition, vendor selection, and findings review. Translates results into CMMC-relevant remediation actions and POA&M updates. Annual cadence recommended.
📋
Cyber Insurance Enrollment Included
Included with all MSSP packages
Cyber insurance eligibility review and enrollment support available to all managed clients. Posture-based assessment — coverage up to $3M. Available across most US states.
Feature Comparison
What's Included at Each Level
| Service |
🛡 WatchPost
$1,500–$2,500/mo |
🛡🛡 CyberGuard
$3,000–$5,500/mo |
🛡🛡🛡 Sentinel
$6,000–$10,000/mo |
| SIEM & LOG MANAGEMENT |
| SIEM alert advisory and log review | ✓ Monthly | ✓ Bi-weekly | ✓ Weekly |
| Audit & Accountability (AU 3.3.1–3.3.9) | ✓ | ✓ | ✓ |
| Incident Response controls (IR 3.6.1–3.6.2) | ✓ | ✓ | ✓ |
| Continuous monitoring (CA 3.12.3) | ✓ | ✓ | ✓ |
| MDR / EDR / VULNERABILITY / EMAIL |
| MDR alert advisory and escalation guidance | ✓ | ✓ | ✓ |
| Vulnerability scan review (CMMC 3.11.2) | ✓ | ✓ | ✓ |
| Email security advisory | ✓ | ✓ | ✓ |
| Dark web monitoring advisory | ✓ | ✓ | ✓ |
| 24x7 MDR advisory oversight | — | Add-on | ✓ |
| CUI PROTECTION |
| Secure CUI platform recommendation & setup advisory | ✓ | ✓ | ✓ |
| CUI enclave scoping and documentation | — | ✓ | ✓ |
| COMPLIANCE & ADVISORY |
| SPRS maintenance + annual affirmation | ✓ | ✓ | ✓ |
| Security policy maintenance | ✓ Annual | ✓ Quarterly | ✓ Ongoing |
| CMMC 14-domain control check | ✓ Quarterly | ✓ Monthly | ✓ Monthly |
| SSP quarterly maintenance | — | ✓ | ✓ |
| Supply chain security advisory | — | ✓ | ✓ |
| DFARS 72-hour reporting support | — | — | ✓ |
| Executive security dashboard | — | — | ✓ |
| IR tabletop exercise (annual) | — | ✓ | ✓ |
| Pen test advisory (annual) | — | — | ✓ |
| INSURANCE |
| Cyber insurance eligibility review | ✓ | ✓ | ✓ |
| Insurance enrollment support | ✓ | ✓ | ✓ |
| Annual coverage review and renewal management | — | — | ✓ |
Microsoft Licensing · Government Authorized Reseller
Microsoft 365 Licensing
Globe-America is an authorized Microsoft government license reseller through a Microsoft AOS-G (Authorized Distributor of Government Solutions) partner — the specific authorization required to resell GCC and GCC High licensing to defense contractors. For DIB clients, this means one vendor covers both compliance advisory and Microsoft licensing. All licensing is invoiced through Globe-America with the discount rate locked at renewal.
🎯
AOS-G AUTHORIZED CHANNEL
Government-only Microsoft program — required for GCC & GCC High resale to DIB contractors
🔒
CMMC CONTROL MAP INCLUDED
Microsoft Responsibility matrix shows which CMMC L2 controls GCC High inherits — assessor-ready
🔄
RENEWAL RATE LOCKED
Your discount rate is preserved at the same level as the original purchase at every annual renewal
Microsoft 365 Commercial
For Level 1 contractors · FCI only · Not approved for CUI under DFARS 7012
| Plan |
List Price |
GAC Price |
July 2026 |
| Business Basic |
$6.00 |
$8–$9 |
+17% ↑ |
| Business Standard |
$12.50 |
$16–$17 |
+12% ↑ |
| Business Premium ★ |
$22.00 |
$25–$27 |
No change ✓ |
★ Best value: Business Premium includes Defender for Business, Intune, Azure AD P1, and advanced threat protection — and is the only plan with no July 2026 price increase.
Microsoft 365 GCC High
For Level 2 contractors · CUI environments · DFARS 7012 & CMMC compliant
| Plan |
List Price |
GAC Price |
CMMC L2 |
| GCC High Business Premium |
~$36 |
$40–$44 |
+ add-on req. |
| CMMC L2 Add-On Bundle |
+$24 |
+$27–$30 |
Defender + Purview |
| Full CMMC L2 Bundle ★ |
~$60 |
$67–$74 |
✓ Full L2 |
★ CMMC L2 compliant: GCC High runs on Azure Government with FedRAMP High, U.S.-person-only staff, and sovereign data centers. Only users handling CUI need GCC High licenses — scope CUI users to control costs.
🚀
GCC High Migration Advisory
$3,000–$8,000 one-time
Scoping, CUI boundary definition, licensing strategy, and migration oversight. Coordinates with your IT team — no rip-and-replace required. Includes SSP update to reflect the new compliant environment.
⚙
Microsoft Security Enablement
$1,500–$4,000 one-time · SOW available
Full Microsoft tenant security setup: Defender for Office 365, MFA + Conditional Access, Intune compliance policies, Purview labeling, DLP policies, Defender for Endpoint, BitLocker encryption, and mobile device management. Delivered by our government-authorized Microsoft partner.
📋
License Management
Included with active MSSP package
Monthly license review, renewal management, user adds/removes, and utilization reporting. Microsoft CMMC Responsibility matrix provided with every GCC High engagement — shows assessors exactly which controls Microsoft owns.
All prices per user/month on annual commitment. GCC High pricing negotiated directly — contact for exact quote. List prices effective through June 30, 2026; July 2026 increases apply at renewal.
Why Globe-America
What Makes This Model Different
The Problem With Traditional MSSPs
Most MSSPs require system access — agents deployed, cloud integrations, IT environment visible to a third party. For defense contractors handling CUI, every vendor with system access is a potential audit finding and scope expansion risk.
Enterprise MSSP pricing ($5K–$20K/month) was built for 200+ employee organizations. Most small DIB contractors are paying for 80% of a package they'll never use — and still need to manage SPRS, SSP, and CMMC compliance separately with a different vendor.
The Globe-America Difference
Advisory-first, no CUI access. You keep your IT provider. We add the CMMC-native security advisory layer they don't have.
Everything maps to CMMC controls. Your MSSP investment contributes directly to your NIST 800-171 score — not just your security posture. Most MSSPs can't say that.
One relationship, full stack. Compliance advisory, security monitoring, Microsoft licensing, and cyber insurance — all through Globe-America.
Right-sized. $1,500–$10,000/month based on what you actually need.
Not Sure Which Package Fits?
Book a 60-minute Readiness Consultation ($197, applied as credit toward engagement). We'll assess your environment, identify your CMMC control gaps, review your cyber insurance eligibility, and recommend the right package for your size, contracts, and risk profile.
Book a Consultation →
globe-america.com · Fort Worth, TX · SDVOSB · CMMC Registered Practitioner
