Work With Todd Davis
Independent advisory for security leaders navigating platform decisions, SOC lab builds, and training programs on realistic budgets — with no vendor relationships and no agenda.
Who Reaches Out
Most of the people who contact me are security managers, IT directors, or CISOs at small-to-mid organizations who are trying to make a real decision — not just read another vendor whitepaper. They're usually dealing with one of these situations:
Platform Selection
Evaluating cyber range vendors and trying to cut through the marketing noise to find what actually fits their budget and team size.
SOC Lab Builds
Wanting to build internal training capability but unsure whether to buy a SaaS platform or build something on AWS or on-premise.
IR Program Gaps
Running tabletop exercises but never doing live drills — looking for honest guidance on what a realistic rehearsal program looks like.
Compliance Pressure
Facing NIST 800-53, CMMC, or cyber insurance requirements and needing to demonstrate training effectiveness, not just documentation.
What We Can Work Through Together
I'm not a consulting firm. I don't have a bench of analysts or a project management office. What I offer is a direct, honest conversation with someone who has researched this space without a financial stake in which direction you go.
- Cyber range platform fit assessment — helping you figure out which tier and vendor actually matches your team size, budget, and technical maturity
- SOC lab architecture review — talking through a self-build approach on AWS or on-premise before you commit time and budget
- Incident response program review — looking at what you have and identifying the gaps between your written plan and actual team readiness
- Training program structure — helping you build a repeatable exercise cadence that your team will actually follow through on
- Briefings and educational sessions — available for security team meetings, leadership briefings, or webinar discussions on cyber range topics
What This Is Not
Being clear about boundaries is something the military taught early and well. Here's what I don't do:
- Paid vendor referrals — I have no affiliate arrangements that influence my recommendations
- Managed security services — I don't run your SOC, manage your tools, or monitor your network
- Full consulting engagements with deliverables, SOWs, and project teams
- Certification training or formal instruction — I can point you toward the right resources, but I don't teach certification courses
Ready to Have a Real Conversation?
Send a message through the contact form with a brief description of what you're working through. I read every inquiry personally and respond to ones where I think I can genuinely help.
Get in Touch
About Todd
Todd Davis served 22.5 years in the U.S. Marine Corps and Georgia Army National Guard, retiring December 31, 2025. Since 2006 he has built and operated online businesses through Global IT Associates, and has been researching and writing about cybersecurity platforms, SOC operations, and security team readiness through CyberSecurityRange.com.
Based in Saint Augustine, Florida. Independent. Vendor-neutral. Straightforward.
Read the full background →