What We Do

Services built by
engineers who fix.

Every engagement is outcome-driven. We identify the risk, implement the fix, and monitor the outcome. Then we do it again. Nine practice areas. 46 commercial services. One team. No handover reports that gather dust.

Compliance AppSec & Engineering Security Detection & Response Network & Infrastructure Security Identity & Access Internal & Human Security Offensive Security Forensics & Legal AI & Emerging Tech

Principal and staff-level practitioners on every engagement

Identify, fix, monitor, then repeat

Implementation included, not just recommendations

Fraction of the cost of in-house security teams

Compliance7 services

Certification sprints run by engineers who implement the controls, not consultants who write reports.

ISO 27001 · SOC 2

ISO 27001 & SOC 2

Certification readiness sprints run by engineers who implement the controls. We close the gaps, build the evidence, and get you certified, not just assessed.

ISO 27001 ReadinessSOC 2 Type ISOC 2 Type IIDual-framework sprintISMS MaintenanceCompliance Automation

Explore service

PCI DSS v4.0

Payment card security compliance for merchants, service providers, and acquirers. We implement the controls, prepare the evidence, and support your QSA assessment.

Gap AssessmentControl ImplementationSAQ PreparationQSA SupportNetwork SegmentationPenetration Testing

Explore service

DORA

Digital Operational Resilience Act compliance for financial entities. ICT risk management, incident reporting, resilience testing, and third-party risk — implemented, not just mapped.

ICT Risk ManagementIncident ReportingTLPTThird-Party RiskResilience TestingGap Assessment

Explore service

FedRAMP

FedRAMP authorisation for cloud service providers serving US federal agencies. We implement the NIST 800-53 controls, prepare the SSP, and support your ATO journey.

FedRAMP ReadySSP DevelopmentControl ImplementationATO SupportContinuous Monitoring3PAO Coordination

Explore service

GDPR · Data Privacy

GDPR & Data Privacy

GDPR compliance programmes, DPIAs, DSAR management, breach notification, and international transfer mechanisms. We implement the controls and build the processes.

GDPR ReadinessDPIADSAR ManagementBreach NotificationInternational TransfersPrivacy by Design

Explore service

NIST CSF · CIS Controls · Governance

Security Frameworks & Controls

NIST CSF, CIS Controls, control mapping, gap assessments, and governance reviews. We implement the controls and align multiple frameworks to reduce audit fatigue.

NIST CSFCIS ControlsControl MappingGap AssessmentsGovernance ReviewsMulti-Framework Alignment

Explore service

Cyber Essentials

Cyber Essentials and Cyber Essentials Plus certification. We implement the five technical controls and prepare you for assessment — typically achievable in a single sprint.

Cyber EssentialsCyber Essentials PlusBoundary FirewallsSecure ConfigurationAccess ControlMalware Protection

Explore service

AppSec & Engineering Security7 services

Security embedded into your engineering workflows, from the first commit to production deployment.

AppSec · CI/CD · Containers · IaC

AppSec & Engineering Security

Application security, CI/CD pipeline hardening, container and Kubernetes security, IaC scanning, secrets management, and CSPM — built by engineers who understand your stack.

AppSec ReviewsSecure SDLCCI/CD SecurityContainer SecurityIaC SecuritySAST / DASTSCASecrets Management

Explore service

STRIDE · PASTA · Architecture Review

Threat Modelling

Structured threat modelling using STRIDE, PASTA, and attack tree methodologies. We identify threats at the design stage, when they are cheapest to fix.

STRIDE AnalysisPASTA MethodologyArchitecture ReviewFeature-Level Threat AnalysisCloud Threat ModellingTeam Enablement

Explore service

Pipeline · Cloud · IaC

DevSecOps

Security embedded into your engineering workflows: CI/CD pipelines, IaC, containers, and cloud. We build the security toolchain that runs with every commit.

Pipeline SecurityIaC ScanningContainer HardeningCSPMSecrets ManagementDeveloper Training

Explore service

Bug Bounty · VDP · Triage

Managed Bug Bounty & VDP

We design, launch, and manage your bug bounty programme and vulnerability disclosure policy — handling triage, researcher relations, and reporting.

VDP Policy DesignBug Bounty ManagementVulnerability TriageResearcher RelationsProgramme ReportingNIS2 & DORA Alignment

Explore service

CVE · Triage · Enrichment

CVE & Vulnerability Intelligence

We triage, enrich, and contextualise CVEs against your actual asset inventory and business risk — giving you clear patch or accept recommendations backed by evidence.

CVE TriageVulnerability EnrichmentBusiness Context ScoringPatch or Accept AnalysisThreat IntelligenceAudit-Ready Reporting

Explore service

SBOM · Attestations · Signing · SLSA

Software Supply Chain Security

SBOM generation, dependency risk analysis, build attestations, artefact signing, and SLSA alignment. We secure your supply chain end to end.

SBOM GenerationDependency Risk AnalysisBuild AttestationsArtefact SigningSLSA AlignmentSupply Chain Hardening

Explore service

Custom · Bespoke · Automation

Custom Security Tooling

Custom firewalls, security automations, and bespoke tooling builds — engineered for your specific environment, threat model, and operational requirements.

Custom FirewallsSecurity AutomationsBespoke Tool BuildsDetection EngineeringSecurity APIsToolchain Integration

Explore service

Detection & Response5 services

Engineering-grade threat monitoring, detection, and response. We identify, contain, and fix — then monitor to prevent recurrence.

Managed · 24/7

Managed Detection & Response

Engineering-grade threat monitoring, detection, and response. Your eyes on glass, powered by SIEM and SOAR, operated by engineers.

24/7 MonitoringThreat HuntingIncident TriageSIEM / SOARDetection Engineering

Explore service

SIEM · SOAR · Detection

SOC Services

Security Operations Centre services built and operated by engineers. From SIEM deployment and detection engineering to co-managed SOC operations.

SOC Build & DesignSIEM EngineeringThreat DetectionSOC Maturity AssessmentCo-Managed SOCIncident Triage

Explore service

SOAR · Orchestration · Automation

SOAR Automation

Security Orchestration, Automation and Response: platforms deployed, playbooks written, and integrations built by engineers who understand your alert landscape.

Platform Design & DeploymentPlaybook EngineeringIntegration EngineeringAlert Triage AutomationSOAR OptimisationSOC Metrics

Explore service

48hr SLA

Incident Response

Contain, investigate, and recover. Deployed within 48 hours with forensic rigour and regulatory notification support. We do not just advise — we fix.

Retained Incident ResponseForensic InvestigationRegulatory NotificationRecovery PlanningBreach Response

Explore service

Threat Hunting · Intelligence · Readiness

Threat Intelligence

Proactive threat hunting, strategic and tactical intelligence, ransomware readiness assessments, and tabletop exercises. We find threats before they find you.

Threat HuntingThreat IntelligenceRansomware ReadinessTabletop ExercisesAdversary TrackingThreat Briefings

Explore service

Network & Infrastructure Security6 services

Network architecture, perimeter hardening, and security tooling configured to actually protect you.

Cloud · Network · Perimeter

Cloud Security

AWS, Azure, and GCP security: architecture reviews, misconfiguration remediation, CSPM, and cloud-native security controls implemented by engineers who live in the cloud.

AWS Security ReviewsAzure Security ReviewsGoogle Cloud SecurityCSPMCloud Architecture ReviewCloud Penetration Testing

Explore service

Network · Perimeter · Monitoring

Network Security

Secure network architecture, perimeter hardening, traffic analysis, and remote access — for cloud, on-premises, and hybrid environments.

Network ArchitecturePerimeter HardeningNetwork MonitoringVPN & ZTNADNS SecurityNetwork Penetration Testing

Explore service

Cloudflare · WAF · Edge

WAF & Edge Security

Cloudflare, WAF, and edge security configured and hardened by engineers. We implement the rules, tune the policies, and monitor the edge.

Cloudflare HardeningWAF EngineeringEdge SecurityDDoS MitigationProxy SecurityTooling Audit

Explore service

EDR · XDR · Endpoint

Endpoint Security

EDR and XDR platform deployment, configuration, and tuning. We deploy the tools, write the detection rules, and integrate with your SOC.

EDR DeploymentXDR EngineeringDetection Rule DevelopmentEndpoint HardeningMobile Device ManagementSOC Integration

Explore service

Layered Defence · MITRE ATT&CK

Defence in Depth

Layered security architectures that assume breach and design for it. Threat modelling, MITRE ATT&CK coverage mapping, deception technology, and resilience engineering.

Layered Architecture DesignThreat ModellingMITRE ATT&CK MappingDeception TechnologyResilience Engineering

Explore service

Zero Trust · ZTNA

Zero Trust Architecture

Zero Trust network architecture: continuous verification, micro-segmentation, device posture, and risk-based access — designed and implemented end to end.

Zero Trust DesignMicro-SegmentationDevice PostureZTNA ImplementationContinuous VerificationZero Trust Maturity Assessment

Explore service

Identity & Access3 services

Right access. Right people. Right time. Identity programmes that govern continuously, not just at audit time.

IAM · MFA · SSO · Federation · Directory

Identity Security

End-to-end identity security: IAM strategy, MFA and passwordless authentication, SSO and federated identity (SAML/OIDC/OAuth), directory services, conditional access, and RBAC/ABAC.

IAM StrategyMFA & PasswordlessSSO & FederationDirectory ServicesConditional AccessRBAC / ABAC

Explore service

PAM · Vaulting · JIT · NHI

Privileged Access Management

PAM platform deployment, credential vaulting, just-in-time access, session recording, and non-human identity governance. We eliminate standing privilege.

PAM PlatformCredential VaultingJust-in-Time AccessSession RecordingNon-Human IdentityAccess Reviews

Explore service

IGA · Access Reviews · JML · SoD

Identity Governance

IGA platform deployment, automated access reviews, joiner/mover/leaver controls, role engineering, segregation of duties, and compliance reporting.

IGA PlatformAccess ReviewsJML ControlsRole EngineeringSegregation of DutiesCompliance Reporting

Explore service

Internal & Human Security4 services

The risks that originate from within: insider threats, human behaviour, and the people who are your greatest asset and your greatest risk.

UBA · UEBA · Human Risk

Behavioural Cybersecurity

User and entity behaviour analytics, human risk management, and behavioural threat detection. We measure and reduce the security risks associated with how people act.

Human Risk ManagementUEBABehaviour AnalyticsInsider Behaviour MonitoringUBABehavioural Threat Detection

Explore service

Awareness · Behaviour Change · Culture

Security Awareness

Security awareness programmes that measurably change behaviour. Role-based training, executive briefings, and security culture programmes — not generic annual modules.

Programme DesignBehaviour ChangeExecutive AwarenessSecurity CultureMetrics & ReportingAnnual Programme

Explore service

Phishing · Vishing · Smishing

PHaaS

Phishing as a Service: realistic simulations across email, voice, and SMS — combined with targeted awareness training and measurable behaviour change.

Phishing SimulationsVishingSmishingSocial Engineering AssessmentsExecutive TargetingManaged Programme

Explore service

Insider Threat · UEBA · PERSEC

Insider Risk

Insider threat programme design, UEBA deployment, behaviour analytics, and personnel security. We detect anomalous behaviour before it becomes a reportable incident.

Insider Threat ProgrammeUEBABehaviour AnalyticsInsider Behaviour MonitoringPersonnel SecurityInternal Investigations

Explore service

Offensive Security6 services

Real-world attack simulation by principal-level engineers who know your cloud infrastructure.

CREST-aligned · Manual

Penetration Testing

Real-world attack simulation by engineers who know your cloud infrastructure. Remediation included, not just a PDF of findings.

Web ApplicationExternalInternalAPIInfrastructureMobileWi-FiPCI

Explore service

Red Team · Adversary Simulation

Red Teaming

Full adversary simulation: multi-stage attack campaigns that test your people, processes, and technology against realistic threat actor behaviour.

Red Team OperationsAdversary SimulationPhysical Red TeamingSocial EngineeringCommand & ControlPost-Exploitation

Explore service

Purple Team · Collaboration

Purple Teaming

Collaborative red and blue team exercises that improve detection coverage, response playbooks, and security operations effectiveness.

Purple Team ExercisesDetection ValidationResponse TestingMITRE ATT&CK CoveragePlaybook DevelopmentSOC Improvement

Explore service

ASM · External Exposure

Attack Surface Management

Continuous discovery and assessment of your external attack surface. We identify exposed assets, misconfigurations, and vulnerabilities before attackers do.

External Asset DiscoveryExposure AssessmentMisconfiguration DetectionDark Web MonitoringContinuous MonitoringRemediation Tracking

Explore service

Adversary Simulation · TIBER

Adversary Simulation

Intelligence-led adversary simulation using TIBER-EU, CBEST, and custom threat intelligence to simulate the specific threat actors targeting your organisation.

TIBER-EUCBESTIntelligence-Led TestingThreat Actor SimulationCampaign DesignDebrief & Remediation

Explore service

Security Assessments · Reviews

Security Assessments

Proactive security reviews across cloud, applications, infrastructure, and processes. We identify risk before it becomes a breach.

Cloud Security AssessmentsArchitecture ReviewsConfiguration ReviewsSecurity AuditsVulnerability ScanningRisk Assessments

Explore service

Forensics & Legal3 services

Court-admissible digital forensics and defensible e-discovery, chain of custody maintained throughout.

Court-Admissible · Chain of Custody

Digital Forensics

Forensic-grade evidence acquisition and analysis across devices, cloud environments, networks, and video. Chain of custody maintained throughout.

Evidence PreservationDevice ForensicsRegulatory InvestigationsIncident ForensicsCloud ForensicsExpert Witness

Explore service

Legal · Regulatory

e-Discovery

Defensible data collection, processing, and review for litigation, regulatory inquiries, and corporate investigations.

Litigation SupportDSARsPublic InquiriesData Processing & FilteringCorporate InvestigationsRegulatory Disclosure

Explore service

Expert Witness · Court Reports

Expert Witness

CPR-compliant expert witness reports, court testimony, and independent technical reviews for civil and criminal proceedings.

Litigation SupportCourt ReportsTechnical TestimonyIndependent Expert ReviewsRebuttal ReportsArbitration

Explore service

AI & Emerging Tech5 services

Security for the technologies that did not exist five years ago: AI systems, Web3 protocols, and post-quantum cryptography.

EU AI Act · ISO 42001

AI Governance & Testing

Security testing, risk assessment, and governance frameworks for AI systems. LLM red teaming, bias testing, and EU AI Act compliance — by engineers who build and break AI.

AI Risk AssessmentLLM Red TeamingAI Security TestingBias & Fairness TestingAI Governance FrameworkEU AI Act Compliance

Explore service

LLM · Prompt Injection

LLM Security Testing

Prompt injection testing, jailbreaking, data exfiltration via LLMs, and model security reviews. We test the AI systems your organisation builds and deploys.

Prompt Injection TestingJailbreak TestingData Exfiltration TestingModel Security ReviewsRAG SecurityAgent Security

Explore service

AI Red Team · Adversarial

AI Red Teaming

Adversarial testing of AI systems: model extraction, adversarial examples, poisoning attacks, and full red team operations against AI-powered applications.

Model ExtractionAdversarial ExamplesPoisoning AttacksAI Red Team OperationsAutonomous Agent TestingAI Infrastructure Testing

Explore service

Smart Contracts · DeFi · Blockchain

Web3 Security

Smart contract auditing, DeFi protocol security, wallet and key management, and blockchain forensics. We audit before deployment and investigate after incidents.

Smart Contract ReviewsDeFi SecurityWallet SecurityBlockchain ForensicsWeb3 Infrastructure ReviewsNFT Security

Explore service

Post-Quantum · PKI · Key Management

Quantum & Cryptographic Security

Post-quantum cryptography readiness, cryptographic implementation auditing, PKI design, and key management. We inventory your cryptographic estate and build the migration roadmap.

PQC ReadinessCryptographic AuditPKI Design & AuditKey ManagementTLS & Protocol SecuritySecrets Management

Explore service

Not sure where to start?

Book a 30-minute call. We will scope it for you, no commitment.

Book Discovery Call

The Netru Programme Model

Identify. Fix. Monitor.
Mature. Repeat.

Most security engagements end with a report. Ours end with a working control — and then we keep going. We build enduring security programmes that mature continuously, not one-off assessments that gather dust.

Identify

Find what others miss.

We map your attack surface, assess your controls, and surface the risks that matter — before attackers find them. Threat modelling, penetration testing, vulnerability intelligence, and identity discovery. Not a checklist exercise. A genuine technical investigation.

Outcome: A prioritised risk register with engineering-grade findings — not a PDF of generic recommendations.

Penetration TestingThreat ModellingCVE IntelligenceAttack Surface Mapping

Fix

We implement the fix ourselves.

We do not hand you a report and walk away. Our engineers implement the remediation — configuring controls, writing policies, deploying tooling, and closing the gaps we found. Implementation is included. The audit evidence is built as we go.

Outcome: Closed gaps with documented evidence — ready for certification without a separate remediation project.

IAM ImplementationDevSecOpsCompliance ControlsSecurity Tooling

Monitor

Continuous visibility, not point-in-time.

Security is not a project with an end date. We monitor your environment continuously — detecting threats, tracking control effectiveness, and alerting on anomalies before they become incidents. Your L1 burden is absorbed entirely.

Outcome: Threats detected and contained before they escalate. L1 triage removed from your internal team.

MDRSOC ServicesSIEM EngineeringSOAR Automation

Mature

Each cycle raises the baseline.

We run access reviews, recertification campaigns, and capability uplift programmes — evolving your security posture as your organisation, threat landscape, and compliance obligations change. Security that compounds over time.

Outcome: A security programme that grows with your business — not a one-off engagement that expires.

Access ReviewsIGA ProgrammesCompliance UpliftSecurity Maturity

IdentifyFixMonitorMatureRepeat

“Security is not a project with an end date. Each cycle raises the baseline. We build programmes that mature continuously — not engagements that expire with a report.”

Principal and staff-level practitioners on every engagement. A fraction of the cost of building in-house.

Start a Programme Explore all services →

Services built byengineers who fix.

ISO 27001 & SOC 2

PCI DSS v4.0

DORA

FedRAMP

GDPR & Data Privacy

Security Frameworks & Controls

Cyber Essentials

AppSec & Engineering Security

Threat Modelling

DevSecOps

Managed Bug Bounty & VDP

CVE & Vulnerability Intelligence

Software Supply Chain Security

Custom Security Tooling

Managed Detection & Response

SOC Services

SOAR Automation

Incident Response

Threat Intelligence

Cloud Security

Network Security

WAF & Edge Security

Endpoint Security

Defence in Depth

Zero Trust Architecture

Identity Security

Privileged Access Management

Identity Governance

Behavioural Cybersecurity

Security Awareness

PHaaS

Insider Risk

Penetration Testing

Red Teaming

Purple Teaming

Attack Surface Management

Adversary Simulation

Security Assessments

Digital Forensics

e-Discovery

Expert Witness

AI Governance & Testing

LLM Security Testing

AI Red Teaming

Web3 Security

Quantum & Cryptographic Security

Not sure where to start?

Identify. Fix. Monitor.Mature. Repeat.

Identify

Fix

Monitor

Mature

Services built by
engineers who fix.

Identify. Fix. Monitor.
Mature. Repeat.