The Lean Security Team Index · 2026

Most security benchmarks aren't built for you.

Gartner reports on Fortune 500 SOCs. SANS data assumes 24/7 staffing. Vendor whitepapers profile teams 10× the size of yours. If you're running security with 1–10 people inside an IT org under 2,000 employees, you've never had a credible peer benchmark — until now.

Take the 2-min assessment → Read the full report
N=141 lean security leaders Fielded: April 2026 Run by: Gather for AirMDR
Peer Median
8.25
/ 12
73% of lean teams sit between 7 and 9
12%Leading · 10–12 73%Developing · 7–9 14%Lagging · 4–6 1%Struggling · 0–3
Why this exists

The lean team gap in industry research

When the only available benchmarks assume you have a 24/7 SOC, a Director of Security, and a $5M budget, defending headcount and tooling decisions becomes a fight against irrelevant comparisons. The Lean Security Team Index measures what's actually true for security leaders running 1–10 person programs at 100–2,000-employee companies — and gives you a number to point at.

"How does our triage time compare?" Until now: a Mandiant whitepaper for Fortune 500s.
"What % of alerts is normal to investigate?" Until now: a SANS report assuming a 12-person SOC.
"Are we under-staffed, or is everyone?" Until now: anecdote from a peer Slack.
"Should we audit our MDR's investigation quality, or is the SLA report enough?" Until now: vibes.
The Self-Assessment

How does your maturity compare to your peers?

Eight questions. Two minutes. Get your Lean Security Team Index score (0–12), your maturity Level (1–4), and a side-by-side comparison against the 141 lean security leaders in this benchmark.

Get Started 0 of 8 questions

First, a quick read on your context.

This calibrates your peer comparison so you're being scored against teams your size — not against the whole sample.