Y4 — Cold-Outreach Kit
Asset: Y4 | Workstream:
[GTM]| Ownership:[SO]| Owner: Sagar Status: drafted | Priority: top priority for cold outbound (claude.md§4.Y)Purpose: The multi-touch cold sequences (email + LinkedIn) + subject-line bank that turn the Y3 target list into Discovery Audit bookings. Every CTA is the free Discovery Audit — never "demo" or "call." Personalization tokens map to A1-enriched contact properties; the offer email here is the copy A5 sends on
Qualified.
0. Rules of the kit
- One CTA, always: the free Discovery Audit. Low-friction, high-value, qualifies fast (Y0 §3).
- Lead with their signal, not us. Every first touch references the specific Y3
signal/notes. No signal → don't send; route to nurture. - Message from Y1. The category line, value props, and objection reframes all come from the positioning house. Don't free-style claims (compliance-claim risk).
- Short. Cold email ≤ 90 words. LinkedIn DM ≤ 50 words. The audit does the selling.
- Never promise certification. "Audit-ready," not "guaranteed compliant" (Y1 §0).
1. Personalization tokens (A1 contact properties)
| Token | A1 / HubSpot property | Example |
|---|---|---|
{{first_name}} |
contact first name | Jane |
{{company}} |
company name | Acme |
{{vertical}} |
vertical |
SaaS |
{{signal}} |
buying_signal |
"hiring your first platform engineer" |
{{signal_detail}} |
seed-list notes |
"the JD says 'own our SOC 2 journey'" |
{{cloud}} |
cloud_primary |
Azure |
{{sender}} |
— | Sagar |
If
{{signal}}is empty the contact should not be in a cold sequence (rule 2).
2. Email sequence — "Signal-led" (5 touches, the primary sequence)
Cadence: Day 0, 3, 7, 12, 18. Stop on any reply. Switch the value-prop framing (§2 of Y1 §5) to match
{{vertical}}.
Touch 1 — Day 0 — the signal (the most important email)
Subject: see bank §5 (pick a signal-led line)
Hi {{first_name}},
Noticed {{company}} is {{signal}} — usually the moment the "we'll harden the
cloud later" debt comes due, especially with an enterprise deal or audit on the
horizon.
We engineer Azure platforms that are compliant by construction — controls in the
code, evidence generated automatically — so the SOC 2/ISO conversation becomes a
formality instead of a fire drill.
Before any pitch: we run a free, read-only Discovery Audit of your Azure tenant
and hand you a findings report mapped to fixes. ~20 minutes of your time.
Worth a look?
{{sender}}
Touch 2 — Day 3 — the category reframe
Subject: re: {{company}} + the audit fire drill
{{first_name}} — quick reframe in case it's useful:
Vanta/Drata tell you what's broken. They don't fix the infrastructure — someone
still has to engineer it. That "someone" is the gap we close, in code you own.
The free audit shows you exactly where that gap is for {{company}} today. No
strings — happy to just send the report.
{{sender}}
Touch 3 — Day 7 — proof / how it works
Subject: how the {{company}} audit actually works
{{first_name}},
In case the "free audit" sounded vague — here's the shape:
• Read-only access (Reader + Security Reader, time-boxed, revoked after).
• We scan posture across network, identity, encryption, logging, cost.
• You get a branded PDF: findings ranked by severity, each mapped to a fix and
an effort estimate.
Nothing changes in your tenant. You keep the report either way. Open to it?
{{sender}}
Touch 4 — Day 12 — the cost-of-inaction
Subject: the questionnaire quarter
{{first_name}} — the pattern we see at {{vertical}} companies your size: an
enterprise deal stalls on a security questionnaire, and answering it eats a
quarter of engineering time because the infra was never built for it.
Compliant-by-construction means that questionnaire becomes a download. The free
audit is the cheapest way to find out how far {{company}} is from there.
Want the report?
{{sender}}
Touch 5 — Day 18 — the break-up
Subject: closing the loop, {{first_name}}
{{first_name}}, I'll stop here so I'm not cluttering your inbox.
If the cloud-hardening / audit-readiness question gets hot — a deal gating on
SOC 2, a board asking, a new hire drowning — the free Discovery Audit offer
stands. Just reply "audit" and I'll send the scope.
Either way, good luck with {{signal_detail}}.
{{sender}}
3. LinkedIn touches (run in parallel with email)
Connect first; DM after acceptance. Keep it shorter than email.
Connection request (≤ 300 chars)
Hi {{first_name}} — saw {{company}} is {{signal}}. We engineer compliant-by-
construction Azure platforms (the part Vanta doesn't do). Would love to connect.
DM variant A — signal-led
Thanks for connecting, {{first_name}}. Given {{signal}} at {{company}} — we run a
free, read-only Discovery Audit of your Azure posture and send back a findings
report mapped to fixes. ~20 min of your time. Worth a look?
DM variant B — category reframe
{{first_name}} — quick one: Vanta tells you what's broken; we're the team that
engineers the platform that's compliant by construction. Free audit of {{company}}'s
Azure tenant if useful — you keep the report regardless. Interested?
DM variant C — peer / founder-to-founder
{{first_name}}, founder-to-founder — the SOC 2 scramble nearly ate us once too.
We turned the fix into a productized platform. Offering {{company}} a free
read-only audit so you can see the gap before it's a deal-blocker. Open to it?
4. The offer email (what A5 sends on Qualified)
When a HubSpot deal flips to
Qualified, A5 dispatches G4 (the discovery run) and sends this email. This copy is the source for A5's template; keep A5'sapps/crm-automations/src/discovery-trigger/offer template in sync with this.
Subject: Your free SnowOps Discovery Audit — next steps
Hi {{first_name}},
Great — let's get the Discovery Audit going for {{company}}.
What we need from you (≈ 20 minutes):
1. A read-only service principal in your Azure tenant — we send a one-command
bootstrap script (Reader + Security Reader only, time-boxed, no secrets leave
your tenant). You can revoke it the moment we're done.
2. Your tenant + subscription ID.
What you get back (within {{turnaround}}):
• A branded findings report: posture across network, identity, encryption,
logging, and cost — each finding ranked and mapped to a specific fix.
• A 30-minute walkthrough call to go through it.
Nothing in your environment changes — the audit is read-only by design.
Reply and I'll send the bootstrap script.
{{sender}}
5. Subject-line bank
Rotate; keep them lowercase/curiosity-led, signal-anchored where possible. A/B test open rates and prune the losers (track in Y13/HubSpot).
Signal-led (touch 1):
- {{company}} + {{signal}}
- noticed {{company}} is hiring a platform engineer
- the SOC 2 question at {{company}}
- before {{company}}'s next security questionnaire
- {{company}}'s Azure posture — a free read
Category / reframe:
- what Vanta won't fix
- the part compliance tools skip
- compliant by construction (not bolted on)
Curiosity / cost-of-inaction:
- the questionnaire quarter
- the audit fire drill (and how to skip it)
- cheapest time to harden {{company}}'s cloud
Follow-up / break-up:
- re: {{company}}
- closing the loop, {{first_name}}
- last one, {{first_name}}
6. Tracked success metric
Per Y0 §7: the metric for Y4 is positive-reply rate (target ≥ 8% cold). Instrument per-sequence and per-subject-line in HubSpot (Y13). A "positive reply" = any reply expressing interest in the audit, not just any reply.
Definition of Done (Y4)
- ≥ 1 full sequence (5 touches) + 3 LinkedIn variants. (Met: 5-touch email + 3 DM variants + connection request.)
- Dry-run on 5 Y3 accounts (real personalization fills cleanly). (Pending real seed list.)
- Offer-email copy (§4) reconciled with A5's
discovery-triggertemplate. - Positive-reply rate instrumented in HubSpot.
Sign-off
- Reviewer: _ | Date: _ | Result: PASS / FAIL
- Notes: