Service
Security
Information security as a continuous practice. We pair vCISO-level advisory with hands-on implementation across ISMS, cloud security, SIEM/SOAR, EDR, MDM, and DLP. Audits come with closed findings, and SOC stand-ups come with playbooks, SLAs, and the metrics that prove they work.
What we deliver
- vCISO / part-time CISO: governance, risk, and security advisory for senior stakeholders
- ISO/IEC 27001 readiness and certification: ISMS, policy framework, risk assessment, evidence management, audit chaperoning
- Multi-account AWS security baseline: GuardDuty, Security Hub, IAM hardening, audit logging across hundreds of accounts
- GCP security at scale: Security Command Center and threat intelligence across thousands of projects
- SIEM/SOAR stand-up with Google SecOps or TheHive: detection engineering, playbooks, MITRE ATT&CK alignment
- Endpoint security: SentinelOne EDR rollout/migration, Microsoft Intune MDM, Defender, Windows security baselines
- Cloud vulnerability management with Wiz and Tenable.io, prioritized by attack path and business impact
- Data protection: Microsoft Purview DLP for sensitive information, vendor risk reviews, SaaS hardening
- 24x7 SOC operating model with MSSP L1/L2 plus internal L3, escalation paths, SLAs, and KPIs (MTTD, MTTR, false-positive rate)
Typical stack
Google SecOps, SentinelOne, Wiz, Tenable.io, AWS GuardDuty, AWS Security Hub, GCP SCC, Microsoft Intune, Microsoft Purview, TheHive, ISO/IEC 27001, MITRE ATT&CK
Outcomes
- ~10,000 endpoints secured or migrated across global environments
- ~300 AWS accounts and ~1,000 GCP projects under unified threat detection
- ISO/IEC 27001 certification achieved with a sustainable, audit-ready ISMS