Frequently asked questions

If you are unsure what is exposed, start with the Free Website, Domain & Email Risk Check. If you already need a vendor-ready action plan, start the Cyber Risk Snapshot. Use Website & Email Security Cleanup for common cleanup, Secure Wi-Fi & DNS Protection Setup for small-office network basics, Cyber Insurance Readiness Review or Vendor Questionnaire Support for deadline-driven documentation, Website Health Monitoring for basic alerts after a baseline, and Security Watch for broader recurring oversight after the baseline is clear.

The $199 Snapshot diagnoses public-facing website, domain, and email signals. Website & Email Security Cleanup is a $750 fixed-scope cleanup for common website, DNS, email-authentication, and account-access basics. Secure Wi-Fi & DNS Protection Setup is From $750 for small-office router, staff Wi-Fi, guest Wi-Fi, and DNS basics. The From $1,500 Security Cleanup Sprint is broader fixed-scope implementation after a Snapshot or scoped intake. Website Health Monitoring is From $99/mo for basic alerts after a baseline. Security Watch is broader monthly website, domain, email, and public-facing security oversight after a baseline. Cyber Insurance Readiness helps with insurer or broker control questions and evidence gaps. Vendor Questionnaire Support helps draft truthful, supportable answers for client, insurer, or vendor-risk questionnaires.

Yes, when implementation is explicitly scoped. Website & Email Security Cleanup covers common website, DNS, email-authentication, and account-access basics. Secure Wi-Fi & DNS Protection Setup covers agreed staff Wi-Fi, guest Wi-Fi, router admin, and DNS filtering setup basics. A Security Cleanup Sprint can include broader guided or hands-on cleanup for agreed domain/email, workspace access, website/header, WordPress, MFA, backup, local network, or access items. Implementation is not unlimited IT support and is quoted or confirmed before payment.

No. CyberBit provides practical review, documentation, and fixed-scope hardening support. It does not guarantee security, breach prevention, compliance certification, cyber insurance approval, lower premiums, client approval, vendor approval, or account recovery.

CyberBit provides fixed-scope cybersecurity help for small professional-service firms and individuals. The focus is practical: public-signal scans, DNS/email/security-header review, plain-English reports, cyber insurance readiness, questionnaire support, workspace/access hygiene, and basic hardening.

No. CyberBit's entry offers are fixed-scope reviews and hardening services. They are not full compliance audits, penetration tests, SOC monitoring, MDR, or breach-response retainers.

Yes. CyberBit can help small businesses set up or rebuild practical websites with the security, domain, email, form, and handoff basics handled correctly.

Yes. Secure Website Redesign is for outdated, confusing, or weak websites that need a cleaner structure and better public-facing security basics.

Yes, if the business owns or is authorized to manage the website, domain, email, and related accounts. CyberBit does not bypass authentication or access systems without authorization.

Yes. CyberBit can help with baseline setup or review for business email, MFA, admin recovery, DNS/email authentication, and account ownership documentation.

No. CyberBit Security Watch is scoped website, domain, email, and public-facing security oversight. It is not full managed IT, 24/7 helpdesk, SOC, MDR, or unlimited support.

No. Support is scoped by project or monthly plan. Emergency response and 24/7 coverage are not included unless separately contracted.

Do not send passwords through website forms. When access is required, CyberBit prefers delegated access, screen share, temporary vendor access, or a secure handoff process.

No one can guarantee perfect security. CyberBit helps reduce obvious risk, improve configuration, document ownership, and create a stronger foundation.

If you are unsure what is wrong, start with Snapshot. If you already know the site needs to be rebuilt or the setup is messy, request redesign or a Security Cleanup Sprint.

That is a common takeover and cleanup issue. CyberBit can help map ownership and recommend safe next steps, but the client must be authorized to manage the assets.

A $199 plain-English PDF report that reviews public-facing domain, DNS, email-authentication, TLS, and website security-header signals. It summarizes visible gaps, ranks priority fixes, and gives a checklist your web vendor, IT provider, or internal team can act on.

The Snapshot is built to be useful to both non-technical owners and the vendor or IT team doing the work.

• Domain reviewed
• Public posture summary
• Top findings and severity
• Why each issue matters
• Priority fix order
• Exact DNS/email/security-header checklist
• Plain-English next steps
• The full $199 is credited toward an eligible cleanup engagement or productized service within 30 days when confirmed in writing.

Yes. The sample report shows the style, prioritization, and plain-English handoff format using anonymized or fictional details.

First draft within 3 business days after intake is complete.

The full $199 is credited toward an eligible cleanup engagement or productized service within 30 days when confirmed in writing.

No. The Snapshot is based on public signals and context you provide. Do not send passwords, private keys, backup codes, seed phrases, recovery codes, API keys, full payment card numbers, or private credentials.

It checks core public-control presence: HTTPS reachability, HTTP-to-HTTPS redirect, HSTS, Content Security Policy presence, clickjacking protection, MIME sniffing protection, Referrer Policy, Permissions Policy, MX records, SPF record presence, and DMARC record presence. Optional context such as DNSSEC, cookies, security.txt, server/provider disclosure, CAA, CORS nuance, and CSP/SPF quality belongs in deeper Snapshot review.

Yes. The scan is public-signal only. It does not attempt logins, credential testing, exploit testing, port scanning, or account access.

It shows the public IP address and basic connection/browser details visible to websites. It does not scan your device, test your router, check for malware, or prove anonymity.

It is a basic browser/network visibility tool that can show your public IP and, where supported, browser-exposed connection signals. It does not prove anonymity, guarantee VPN safety, scan your device, or perform exploit testing. Full DNS leak detection requires resolver-observation infrastructure.

Because exact DNS and email-authentication changes depend on your provider, approved senders, and hosting setup. Incorrect copy-paste records can break email or websites. The paid Snapshot provides the exact checklist after context is confirmed.

A low score means public controls are missing or could not be verified. It does not automatically mean you were hacked. It means there are visible items worth reviewing and prioritizing.

Website & Email Security Cleanup is a $750 fixed-scope cleanup for common website, DNS, email-authentication, and account-access basics. It can include SPF / DKIM / DMARC review and provider-ready fix guidance, website security-header review, DNS hygiene review, Google Workspace or Microsoft 365 basic admin and MFA review when authorized, a before/after summary, and a 30-minute walkthrough or handoff note.

A broader fixed-scope implementation service where CyberBit helps address priority fixes such as DNS setup, SPF/DKIM/DMARC, website security headers, Microsoft 365 or Google Workspace basics, MFA, backups, and access cleanup.

The exact modules are confirmed before payment. Common modules include domain/email hardening, workspace access hardening, website/header hardening, WordPress hardening where applicable, MFA/admin access cleanup, and provider coordination.

• Fixed-scope implementation or guided cleanup
• Completed fix log
• Before/after notes where applicable
• Provider/admin handoff notes
• Remaining recommendations for anything outside scope

The final scope depends on the number of domains, platforms, users, and systems involved. CyberBit confirms scope before you pay. The public starting price remains From $1,500.

Depending on the platform and access model, CyberBit may guide the changes over screen share, work from a checklist, coordinate with your vendor, or use delegated access where available. Passwords should not be sent by email.

No. The Security Cleanup Sprint is implementation and configuration cleanup. It is not exploit testing, unauthorized scanning, or a penetration test.

A fixed-scope service starting at $1,500 for businesses that received a security questionnaire from a client, insurer, vendor-risk team, or partner and need credible responses fast. The named deliverable is a Vendor Questionnaire Support Package.

CyberBit reviews the questionnaire intake, groups questions by topic, drafts supportable answers, adds evidence notes for supported controls, adds gap notes for partial or missing controls, and includes one revision window for business-owner feedback.

• Vendor Questionnaire Support Package
• Answer drafting based on the current setup
• Evidence and gap notes
• Safe wording for partial or planned controls
• One revision window
• Priority fixes that can be scoped separately

CyberBit helps organize accurate answers, identify gaps, and draft response language based on your current setup. The business owner or authorized representative should review and approve final answers.

Yes. CyberBit can distinguish between controls that are currently in place, partially in place, planned, or not applicable. The goal is credible answers, not false claims.

Typically 3-5 business days after receiving the questionnaire and required context.

Smaller questionnaires are scoped after intake, a standard questionnaire starts at $1,500, and large portal-heavy questionnaires may require a custom quote.

CyberBit will not invent controls, provide legal attestation, provide compliance certification, guarantee approval by a client or vendor-risk team, or submit final answers without business approval.

No. CyberBit Solutions does not sell, place, underwrite, or broker insurance. The readiness review is a fixed-scope cybersecurity documentation and evidence-gap review.

The Starting at $750 Cyber Insurance Readiness Review produces a Cyber Insurance Readiness Memo for common application or renewal topics such as MFA, backups, endpoint basics, admin access, incident response, domain/email evidence, and provider documentation.

• Insurer or broker questionnaire review
• Evidence checklist
• Control gap notes
• Provider-ready next steps
• Priority fix plan
• No guarantee of approval, lower premiums, legal advice, insurance advice, compliance certification, or fake attestations

No. Approval depends on the insurer, broker, underwriting process, and the business's actual controls. CyberBit can help you understand common control questions, evidence gaps, and priority fixes, but it cannot guarantee approval or lower premiums.

CyberBit can help interpret questions, identify evidence, and draft supportable response language. Final answers should be reviewed and approved by the business owner, broker, legal advisor, or insurance professional where appropriate.

CyberBit will not fabricate controls or tell you to claim a control exists if it does not. The readiness review documents the gap and recommends a practical fix plan, which can be scoped into Website & Email Security Cleanup or a Security Cleanup Sprint when implementation help is needed.

No. It is a fixed-scope readiness review and action plan, not a formal audit, certification, legal opinion, or insurance advice.

Security Watch includes Website Health Monitoring plus monthly public website, email, DNS, domain, TLS, and header rechecks, drift comparison, a Security Watch briefing, and one provider-ready priority note.

The brief shows meaningful changes since the prior review, open review items, website/header/TLS observations, email/domain/SPF/DKIM/DMARC/MX/DNS observations, a priority rating, and one provider-ready note.

No. Security Watch is not a 24/7 SOC, MDR, endpoint monitoring, SIEM/log monitoring, emergency incident response, penetration testing, breach investigation, or compliance certification service.

No. Security Watch includes review, guidance, and one provider-ready fix note each month. Implementation work is quoted separately unless it is explicitly included in a written scope.

A Cyber Risk Snapshot, cleanup, rebuild, takeover, or agreed baseline is strongly recommended first. Security Watch is most useful when there is a clear before-state to compare against each month.

Checks are performed monthly against the agreed public-facing website, email, DNS, and domain scope.

CyberBit flags the change in the Security Watch Brief, assigns a practical priority rating, and provides the next provider-ready step. If hands-on remediation is needed, implementation is scoped separately.

The From $499 Workspace Security Baseline is a supporting path for focused review of core Microsoft 365 or Google Workspace settings, including MFA, admin accounts, access, sharing, recovery settings, and email authentication.

• Workspace Security Baseline Report
• MFA, admin, access, sharing, recovery, and email-auth review notes
• Priority fix list
• Provider/admin handoff notes
• Fit check for New Business Tech Setup, Website & Email Security Cleanup, or Security Cleanup Sprint if hands-on cleanup is requested

No. The Workspace Baseline is a configuration and access-hygiene review. It is not endpoint monitoring, SOC/MDR, email content review, legal/compliance audit, or emergency incident response unless a separate written scope says otherwise.

No. CyberBit does not sell, broker, underwrite, or recommend insurance policies. Personal Cyber Lockdown is a cybersecurity setup and guidance service that helps reduce common personal digital risks.

No. Do not send passwords, private keys, backup codes, seed phrases, recovery codes, SSNs, bank details, full payment card numbers, or private credentials. You stay in control of your accounts during the guided session.

The exact checklist depends on the selected path, but Personal Cybersecurity can include password manager setup, MFA, account recovery cleanup, credit freeze or fraud alert guidance, family safety setup, and suspicious-login triage.

Choose Account Compromise Triage. CyberBit prioritizes securing your primary email, identity accounts, login sessions, MFA, recovery settings, and high-risk accounts first. CyberBit does not guarantee account recovery or provide law-enforcement, private investigation, forensic, legal, financial, insurance, or credit-repair services.

Password Manager + MFA Setup is narrow and focused on login security. Personal Cyber Lockdown is broader and includes account recovery settings, device basics, privacy exposure, and a wider personal risk checklist.

Personal Cyber Lockdown is for one person. Family Cyber Safety Setup adds household context, shared devices, parent/child accounts, location-sharing, and family recovery planning.

No. No legitimate cybersecurity service can guarantee that. CyberBit reduces common risks and gives you practical next steps.

No. Never send passwords, private keys, backup codes, seed phrases, recovery codes, API keys, full payment card numbers, or sensitive credentials through the site or by email.

Preferred options include screen share while you log in, delegated access where the platform supports it, or a checklist your IT/web provider implements.

No. CyberBit only works on accounts, domains, and systems you own or are authorized to manage.

No. CyberBit Solutions is not affiliated with, endorsed by, or certified by NIST or any government agency. CyberBit may reference public guidance from NIST, CISA, and platform providers when creating plain-English recommendations.

Unless a separate written scope says otherwise, CyberBit does not provide penetration testing, exploit testing, credential testing, social engineering, unauthorized scanning, emergency incident response, breach investigation, 24/7 monitoring, SOC/MDR, endpoint monitoring, unlimited implementation, legal advice, insurance advice, financial advice, compliance certification, insurance approval guarantees, or questionnaire approval guarantees.

Free scan results are generated from public signals and returned in your browser. CyberBit may also store the submitted domain and scan summary internally to review scan activity and identify follow-up opportunities. The scan does not require account login or private credentials. Do not submit private credentials or sensitive data.

Small businesses need clear scope, clear price, and clear deliverables. Fixed-fee services avoid open-ended discovery and make it easier to decide.

Yes, but CyberBit confirms scope before payment when work falls outside a listed fixed-scope offer.

Yes. CyberBit is New York–based and supports small businesses remotely worldwide.

You will receive or complete the relevant intake path first. After checkout, Stripe sends a receipt to the email used during payment. CyberBit follows up using that email with the next step, report, or scope confirmation depending on the service.