Four capabilities, scoped to your situation.

Who it is for: Teams with systems worth watching but no 24/7 security operations of their own.

Managed detection and response means we continuously watch your logs, endpoints, and network for the signals that matter. The work is anomaly detection — learning what normal looks like for you, then surfacing what deviates — paired with senior analysts who triage findings so you receive decisions, not a stream of unread alerts. When something is real, containment follows a plan you agreed in advance.

• Baseline of normal behaviour across your environment
• Continuous threat detection and anomaly detection on logs and endpoints
• Human triage by senior analysts, 24/7 for monitoring
• Agreed containment actions and clear escalation paths
• Regular, readable reporting — what we saw and what we did

Who it is for: Teams that need an honest read — often because a client, board, or regulator is asking.

A security assessment tells you where you actually stand. We combine configuration review and vulnerability assessment with scoped penetration testing that mimics how an attacker would approach your systems. The deliverable is a report written to be acted on: findings ranked by real risk, with fixes you can hand to your team and evidence you can show a client.

• Scoped penetration testing against your priorities
• Configuration and vulnerability assessment
• Findings ranked by exploitability and business impact
• Remediation guidance your engineers can follow
• A summary you can share with clients or auditors

Who it is for: Teams dealing with an active or suspected incident, or who want a responder on call before one happens.

When something has gone wrong, the damage usually comes from the unstructured scramble, not the breach itself. Incident response with us is ordered: scope what is affected, contain it, preserve what forensics needs, recover, and keep a clear record throughout. Afterwards we turn the lessons into controls so the same gap does not reopen. You can engage us during an incident or keep us on retainer.

• Rapid scoping and containment of active incidents
• Digital forensics and evidence preservation
• Coordinated recovery and clear communications support
• A written post-incident review with concrete actions
• Optional retainer so a responder already knows your environment

Who it is for: COOs and founders carrying security on top of another job, often under pressure for ISO 27001 or NIS2.

A virtual CISO (vCISO) gives you senior security leadership at a fraction of a full-time cost. We set direction, prioritise spend, and steer practical work toward ISO 27001, GDPR, FADP, and NIS2 — in the order that reduces risk first, not the order that fills a binder fastest. The aim is for you to understand and own your programme, with us as long as it helps and no longer.

• Fractional senior security leadership (vCISO)
• ISO 27001 readiness and control prioritisation
• GDPR and Swiss FADP data-protection alignment
• NIS2 gap analysis and a prioritised roadmap
• Board- and client-ready reporting in plain language