What we do

One program. Five disciplines.

You can engage any part on its own, but the value compounds when monitoring, response and review run as a single, coordinated program.

01 / Monitoring

Threat monitoring

We bring endpoints, identities and cloud workloads under continuous watch. Analysts triage what fires, so your team is alerted to genuine activity rather than a stream of low-value notifications. Coverage runs around the clock, every day of the year.

02 / Response

Incident response

When an incident is confirmed, a named analyst owns it from first signal to closed case. We isolate affected systems, preserve forensic evidence, coordinate communication, and hand you a single factual timeline. The bad day becomes a managed event, not a scramble.

03 / Posture

Posture review

A structured assessment of where exposure sits today — misconfigured access, unpatched services, forgotten third-party connections. Findings are ranked by what an attacker would reach first, with a remediation plan your engineers can act on directly.

04 / Compliance

Compliance support

Controls, documentation and reporting aligned with the LGPD and ISO 27001. We map the requirements to your real environment and stage the work so a roadmap keeps moving while the controls go into place. Audit season stops being a fire drill.

05 / Readiness

Team readiness

Tabletop exercises, simulated social-engineering campaigns and onboarding guidance that prepare your people for the moment it counts. Most intrusions begin with a single click; we rehearse the human response with the same care we give the technical one.

Blue network of linked points representing a coordinated defense program

Engagement

The program is a monthly retainer, sized to your environment — with the option to add response capacity for periods of higher risk.

Request a quote →

Engagement levels

Where most clients begin

Essential

Watch

Continuous monitoring for smaller environments, with monthly reporting and a defined response path for confirmed incidents.

MonitoringMonthly reportOn-call path

Standard

Watch & respond

Everything in Watch, plus full incident response ownership, quarterly posture reviews and LGPD reporting support.

ResponsePosture reviewLGPD

Program

Full program

The complete discipline: monitoring, response, ISO 27001 support, identity hardening and quarterly readiness exercises.

ISO 27001IdentityReadiness

Common questions

About the work

Can we start with just monitoring?

Yes. Many clients begin with the Watch level and add response and review once they see how the program fits their team. Scope can change with a month's notice.

What tooling do you use?

We work with established platforms and, where it makes sense, your existing licenses. We are not reselling a single product — the discipline matters more than the logo on the dashboard.

How is pricing structured?

A flat monthly retainer based on the size and complexity of your environment, agreed before any work begins. Response surges during a confirmed incident are covered under the Standard and Program levels.

Do you handle data covered by the LGPD?

Yes, and our own handling is built to the same standard. Personal data processed during an engagement is governed by a data processing agreement aligned with the LGPD.

Next step

Let's scope the right level.

Tell us about your environment and we'll come back with a clear recommendation — no obligation to proceed.

Request a quote →