search
TD Website

Regular Review Calls

hashtag
Best Practice: The Security Review Call

The tenant review call is a focused 30+ minute session held monthly or quarterly. Its purpose is to review the client's security posture, address questions, conduct joint threat hunting, and provide assurance, using real-time evidence, that the client's assets are secure and properly configured.

The purpose is to establish a consistent, efficient rhythm for delivering proactive security assurance. These regular meetings transform the client relationship from reactive support to a strategic partnership, demonstrating ongoing value and building trust through transparency and expert guidance.

ThreatDefence Partnership Support for MSP's: to ensure a strong start, ThreatDefence senior security analysts will participate in the first five review calls on behalf of the MSP, if required. This provides expert-led modelling of the meeting cadence, demonstrates high-value engagement and helps train the team in session best practices.

Recommended Call Structure (30-Minute Agenda)

  1. Open Escalations Review (5 mins): Address any pending or active security tickets requiring client input or action.

  2. Critical & High-Severity Alert Review (10 mins): Walk through the most significant alerts from the period, explaining context, impact, and resolution.

  3. Configuration & Imminent Risk Discussion (10 mins): Focus on misconfigurations, patching status, and external risks that require attention to prevent future incidents.

  4. Threat Hunting & Q&A (5 mins): Briefly showcase proactive hunting findings and answer the client’s security questions.

Key Benefits

  • Risk Reduction: Ensures critical findings are communicated and acted upon promptly.

  • Client Confidence: Builds trust through regular, high-touch expert engagement.

  • Uplift Opportunities: Naturally surfaces needs for additional security uplift.

Outcome & Follow-Up

  • Within 12 Hours: Send a meeting summary(automated AI-generated) email recapping decisions, actions and key evidence reviewed.

  • Track: Monitor the completion of agreed-upon client actions before the next review cycle.

PreviousIR ResponsibilitiesNextCustomer Operational Guide

Last updated