Services

Six categories of cybersecurity work.

Each is bookable as a standalone engagement, and most clients start with one before expanding. We tell you honestly whether we're the right fit — and if we're not, we usually know someone who is.

Service 01

Microsoft 365 & Google Workspace Security Hardening

Engagement 2–4 weeks per tenant
Best for SMBs running M365 or Google Workspace
Output Hardened tenant + documentation

Security where most attacks land first.

Your business runs on email, identity, and shared documents. That's also where 80% of business email compromise and ransomware attacks begin. We take Microsoft 365 and Google Workspace tenants from default configurations — which Microsoft and Google explicitly say are not secure-by-default — to a state where common attacks don't land.

What this typically includes

  • Conditional Access or context-aware access policies aligned to your business operations
  • MFA enforcement across all users, with hardware-key support for privileged accounts
  • Phishing-resistant authentication and legacy authentication blocking
  • Mailbox audit logging and Data Loss Prevention (DLP) policies for sensitive data
  • SPF, DKIM, DMARC, MTA-STS, and TLS-RPT configuration for your sending and receiving domains
  • Tenant baseline review against CIS Benchmarks or Microsoft Secure Score
  • Conditional Access rollout in monitor mode before enforcement, to prevent disruption
  • Documentation handover so your internal IT team can maintain the configuration
Service 02

Compliance Audits — ISO 27001, SOC 2, RBI Guidelines

Engagement 8–16 weeks
Best for SaaS startups, regulated SMBs
Output Audit-ready posture + evidence

Compliance without inflated scope.

If your customers, investors, or regulators are asking for a certification or attestation, we help you get there without inflating timelines or scope. Most of our compliance work is with SaaS startups whose enterprise customers are blocked from buying until SOC 2 lands — we get them unblocked.

What this typically includes

  • Gap assessment against your target framework (ISO 27001, SOC 2 Type I/II, RBI guidelines, or PCI-DSS)
  • Control implementation guidance — telling you what to build, not just what's missing
  • Policy and procedure authoring (information security policy, access control, incident response, change management)
  • Evidence collection design — set up systems so audit evidence accumulates automatically
  • Mock audits before the real assessor arrives, so you walk in confident
  • Coordination with your chosen auditor or attestor (we work with most reputable firms)
  • Post-certification continuous compliance support so the next audit isn't a fire drill
Service 03

Apple MDM & Endpoint Security

Engagement 3–6 weeks
Best for Businesses with 20+ Apple devices
Output Full Apple fleet management

Apple, done the right way.

The number of Macs and iPhones in Indian businesses has grown fast. Most security teams still manage them as exceptions to a Windows-first toolset — which means policies don't apply, compliance is partial, and recovery procedures don't account for how Apple actually works. We do Apple right, using the same tools and patterns that mature Apple-heavy companies use.

What this typically includes

  • Apple Business Manager (ABM) configuration and Automated Device Enrollment (ADE) setup
  • MDM platform selection and deployment — Intune, Jamf, Kandji, or Mosyle, based on your stack
  • Platform SSO configuration with your existing identity provider (Microsoft Entra, Okta, Google)
  • FileVault enforcement with recovery key escrow to your MDM, not loose paper
  • Application deployment and patch management for macOS and iOS
  • Compliance policies aligned to your security framework (CIS, NIST, or custom)
  • Standard Operating Procedures for device lifecycle (provisioning, lockout recovery, decommissioning)
  • Reporting dashboards for fleet visibility
Specialized engagements

We also help with

Bookable services for specific needs. Often added as follow-ups to a hardening or compliance engagement, sometimes standalone.

Service 04

Security Awareness Training

Your employees are the most common entry point for attackers. We run customized training programs — not generic vendor courses — based on the actual threats targeting your industry. Includes phishing simulations, role-specific guidance, and metrics that mean something.

Service 05

Vulnerability Assessments & Penetration Testing

Bookable assessments against your web applications, cloud infrastructure, or internal networks. Reports include not just findings but prioritized remediation guidance your team can actually execute. We work with your developers, not against them.

Service 06

Incident Response Retainers

When something goes wrong, having a relationship in place matters more than the cheapest hourly rate. We hold a small number of IR retainers with defined response commitments and pre-agreed playbooks. We won't take on more than we can actually serve.

Not sure which engagement fits?

Most engagements start with a 30-minute scoping conversation. We tell you honestly whether we're the right fit — and if we're not, we usually know someone who is.

Start the conversation