1. Up to 25 IPs/Targets per remote office (INTERNAL + EXTERNAL) 2. Hardware or software agent to be installed on all INTERNAL targets 3. Weekly INTERNAL Vulnerability Scanning Reports (FULL scan or PCI scan) 4. Monthly EXTERNAL Penetration Test Reports (FULL scan or PCI scan) 5. Monthly Social Engineering Reports