Practice III · Vendor Evaluation & Negotiation

Advice that isn't
for sale twice.

Independent technology selection for security tooling — from requirements definition through proof-of-concept scoring to the final commercial negotiation. We take no commissions and resell nothing, so the recommendation serves exactly one party: you.

/ 01 — The Problem

The market is loud.
The incentives are bent.

Security procurement is one of the few executive decisions routinely made on advice from parties paid by the other side. Resellers earn margin on what they recommend. Channel partners carry quotas. Analyst placements are influenced by vendor relationships. Even well-meaning internal shortlists often begin from whichever vendor reached the CIO first.

The consequences are familiar: platforms bought for features nobody deploys, three tools overlapping one control while another goes uncovered, multi-year contracts priced against list rather than leverage, and renewal dates that arrive with no negotiating position prepared.

The fix is not more vendor meetings. It is a disciplined selection process run by someone with no financial stake in the outcome — anchored in your requirements, your architecture, and the total cost of ownership over the life of the contract.

/ 02 — Approach

Requirements first.
Vendors second.

01

Requirements Definition

A weighted requirements matrix built from your risks, architecture, and operating model — the yardstick every vendor is measured against, agreed before a single demo is booked.

02

Market Scan

A structured sweep of the viable field — incumbents, challengers, and the option vendors never mention: doing more with what you already own.

03

RFP Support

RFP and RFI documents that force comparable answers — written so marketing language cannot substitute for capability, and scored blind against the matrix.

04

PoC Design & Scoring

Proofs of concept designed around your environment and your failure modes — with objective scoring criteria fixed before the vendor's engineers arrive.

05

TCO Analysis

Full-term cost modelling: licences, infrastructure, integration, training, staffing, and the renewal uplift the first-year discount is designed to hide.

06

Contract & Commercial Negotiation

Support through the final mile — benchmarked pricing positions, exit and audit clauses, SLA substance, and terms that survive year three, not just the signing dinner.

/ 03 — Coverage

The categories
we work across.

SIEM & Analytics

Detection platforms and log architectures — where ingestion pricing models quietly decide the real cost.

EDR / XDR

Endpoint detection and response — tested against your fleet's realities, not the vendor's benchmark malware set.

NAC

Network access control — where integration effort with your switching, wireless, and identity estate makes or breaks the business case.

Firewalls & Network Security

Next-generation firewalls, segmentation, and secure connectivity — sized for measured throughput, not datasheet throughput.

IAM & PAM

Identity, access, and privileged access management — the control plane every Zero Trust ambition depends on.

Cloud Security

CSPM, CNAPP, and workload protection — evaluated against your actual cloud footprint and the team that must run it.

/ 04 — Cadence

From noise to
signature.

Step 01

Frame

Discovery call, then a scoped mandate: the category in question, the decision deadline, and the stakeholders who must be convinced.

Step 02

Shortlist

Requirements matrix agreed, market scanned, RFP issued — and a defensible shortlist produced with the reasoning documented.

Step 03

Prove

PoCs run on your terms and scored against fixed criteria; TCO modelled over the full contract term for the finalists.

Step 04

Close

A written recommendation with the evidence trail, and negotiation support until the contract reflects your leverage — not their quarter-end.

/ 05 — Charter

The independence
charter.

Written into our terms of engagement, not just our marketing. Every vendor evaluation is bound by four commitments:

I.
No vendor commissions

We accept no referral fees, finder's fees, or success payments from any technology vendor — before, during, or after an engagement.

II.
No resale, ever

We hold no distribution agreements and carry no margin on licences, hardware, or services. If you buy it, you buy it from the vendor — at a price we helped you negotiate.

III.
No channel-partner arrangements

No partner tiers, no certifications-for-influence, no co-marketing agreements that would give any vendor a quiet seat on your side of the table.

IV.
Recommendations on merit alone

Every recommendation is justified in writing against three tests only: your requirements, total cost of ownership, and architectural fit. Nothing else enters the file.

/ 06 — Questions

Asked often.
Answered plainly.

If you don't take commissions, how are you paid?

By you, and only by you — a fixed professional fee agreed at scoping, or as part of an existing retainer. That single fact realigns the entire exercise: our only path to a good outcome is a decision that still looks right in year three.

We've already shortlisted vendors. Is it too late to involve you?

No. We regularly join at the PoC or negotiation stage — pressure-testing a shortlist against written requirements, redesigning a proof of concept that the vendor scripted, or building the TCO model and negotiating position before signature. Earlier is better; later is still valuable.

Do you implement the chosen technology as well?

We advise on implementation architecture and governance, but deployment is delivered by your team, the vendor, or an integrator of your choosing. Keeping delivery separate from selection is deliberate — an adviser who profits from the build cannot be fully neutral about what you buy.

Can you help with renewals rather than new purchases?

Yes — renewals are where preparation pays most. A renewal approached six months early, with usage data assembled and a credible alternative scoped, negotiates very differently from one approached the week the quote arrives. We build that position and sit with you through the conversation.

/ 07 — Engage

Make the next decision
with clean hands at the table.

Tell us what you're evaluating — or renewing. We'll scope the mandate in a 30-minute call.

30 min · Video · No obligation