# Regular Review Calls #### **Best Practice: The Security Review Call** The tenant review call is a focused 30+ minute session held monthly or quarterly. Its purpose is to review the client's security posture, address questions, conduct joint threat hunting, and provide assurance, using real-time evidence, that the client's assets are secure and properly configured. **The purpose** is to establish a consistent, efficient rhythm for delivering proactive security assurance. These regular meetings transform the client relationship from reactive support to a strategic partnership, demonstrating ongoing value and building trust through transparency and expert guidance. **ThreatDefence Partnership Support** for MSP's: to ensure a strong start, ThreatDefence senior security analysts will participate in the first five review calls on behalf of the MSP, if required. This provides expert-led modelling of the meeting cadence, demonstrates high-value engagement and helps train the team in session best practices. **Recommended Call Structure (30-Minute Agenda)** 1. **Open Escalations Review (5 mins):** Address any pending or active security tickets requiring client input or action. 2. **Critical & High-Severity Alert Review (10 mins):** Walk through the most significant alerts from the period, explaining context, impact, and resolution. 3. **Configuration & Imminent Risk Discussion (10 mins):** Focus on misconfigurations, patching status, and external risks that require attention to prevent future incidents. 4. **Threat Hunting & Q\&A (5 mins):** Briefly showcase proactive hunting findings and answer the client’s security questions. **Key Benefits** * **Risk Reduction:** Ensures critical findings are communicated and acted upon promptly. * **Client Confidence:** Builds trust through regular, high-touch expert engagement. * **Uplift Opportunities:** Naturally surfaces needs for additional security uplift. **Outcome & Follow-Up** * **Within 12 Hours:** Send a meeting summary(automated AI-generated) email recapping decisions, actions and key evidence reviewed. * **Track:** Monitor the completion of agreed-upon client actions before the next review cycle. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.threatdefence.com/security-operations/regular-review-calls.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.