Operator credibility
Our principals have designed and run enterprise-scale security programs, managed real threat cases, and worked licensed private investigations. Not HR-consultant pedigree — operator pedigree.
— About
We made SB-553 compliance accessible.
Kestralis SMB is a productized practice from Kestralis Group, a veteran-owned corporate security advisory. We built it because the small-business compliance gap was visible from inside the enterprise work — and nobody was filling it well.
— The gap
Enterprise pricing didn't work for small business.
California SB-553 took effect July 2024. Enterprise security firms started quoting $25,000–$50,000 for compliant programs. Free templates flooded the internet — most of them never customized, none of them paired with training that satisfies the interactive requirement.
The California small business owner sat in the middle. Too expensive for enterprise advisory. Too risky to trust a free template. The result: thousands of California small businesses operating with non-defensible programs that won't survive a Cal/OSHA inspection or a downstream civil action.
Kestralis SMB sits in that gap. Productized, affordable, and substantive — built specifically for the 10–99 employee California business that has to handle this themselves and wants to handle it correctly.
— How we're different
Built by people who've actually run security programs.
Materials that actually work
Our plan templates and training were built for the California Cal/OSHA inspection — not for sale, not for SEO, not for compliance theater. We use these same materials in our enterprise engagements.
Honestly scoped
Half the people who book a Complete or Concierge call end up at Plus or Starter — and we tell them so. We're in this for repeat business and word-of-mouth, not for upsells.
— Parent practice
Kestralis Group, advisory practice.
Kestralis SMB is one practice within Kestralis Group, a veteran-owned corporate security advisory firm. The parent practice serves larger and multi-state organizations on custom-scoped engagements — workplace violence prevention, behavioral threat assessment, business continuity, security consulting, cyber advisory, investigations, and litigation support.
If your operation outgrows the SMB tiers — or you have requirements that don't fit a productized package — the enterprise practice is the right next step.
— Get in touch
Questions before you buy?
Email mark.hope@kestralisgroup.com. That's a principal inbox, not a customer-service queue. We answer within one business day.