Frequently Asked Questions

An in-house team covers your 9-to-5 — we cover the other 15 hours. Our 24/7 Canadian-based Security Operations Centre (SOC) monitors your environment around the clock, with a dedicated team of security analysts who are trained exclusively on threat detection and response. You get the expertise of a full security department for a fraction of the cost of hiring one.

We work with organizations of all sizes. Many of our clients are SMBs and mid-market companies that need serious security but don't have enterprise budgets. We tailor our services to your environment, your risk profile, and your team — not the other way around.

Yes. Our SOC is 100% Canadian-based and operates 24 hours a day, 7 days a week. For businesses with data residency requirements or regulatory obligations under Canadian privacy law, this matters. Your data stays in Canada and your security team is subject to Canadian jurisdiction.

EDR (Endpoint Detection and Response) is the technology that monitors and records activity on endpoints like laptops, servers, and workstations. MDR (Managed Detection and Response) is the service layer built on top of it — real human analysts who review alerts, investigate threats, and take action on your behalf. We offer both: the technology and the team to run it.

Our Extended Detection and Response (XDR) approach correlates signals across endpoints, networks, email, cloud, and identity — not just one layer. Because our SIEM ingests telemetry from across your environment, we can identify patterns that siloed tools never connect. This cross-source visibility is what catches advanced threats before they cause damage.

When our SOC detects a threat, we immediately triage and classify it. For confirmed incidents, we notify your designated contacts and work with your team to contain and remediate the threat. Depending on your service level, we can take direct response actions on your behalf. Every incident is documented with a full activity log and post-incident summary.

It's an early warning system — and early warning is prevention. When our Dark Web Monitoring detects that your credentials, email addresses, or proprietary data have appeared in underground markets, we alert you immediately so you can take action before attackers do. Combined with our other services, it's one layer of a defence-in-depth strategy.

Our SOC operates 24/7 with no gaps, so detection is continuous. Response time from confirmed incident to active containment measures depends on your service tier and the nature of the incident, but our team does not wait for business hours. We'll walk you through our specific SLAs during the onboarding conversation.

Yes — and many of our clients prefer it that way. We offer fully integrated Managed IT and Managed Security Services, which means fewer vendors to manage, tighter coordination between your IT environment and your security posture, and a single point of accountability when something goes wrong.

We support the full Microsoft 365 and Azure ecosystem, including migrations, licensing, deployment, administration, and ongoing management. Whether you're moving to the cloud for the first time or optimizing an existing deployment, our team has the certifications and experience to manage it end-to-end.

Absolutely. Remote and hybrid work is the norm, and our support model is built for it. We provide remote helpdesk support, endpoint management for distributed workforces, and secure access solutions that keep your team productive wherever they're working from.

If your business accepts, processes, stores, or transmits payment card data in any form, PCI DSS compliance is required — regardless of your size. Non-compliance can result in fines, loss of card processing privileges, and significant liability in the event of a breach. Our Advisory Compliance team can assess your current state and build a clear roadmap to compliance.

A virtual CISO (vCISO) provides executive-level security leadership on a fractional basis. They help you set strategy, manage risk, communicate security posture to your board, and oversee compliance initiatives — without the cost of a full-time hire. For SMBs and mid-market companies that need strategic security leadership but aren't ready for a dedicated CISO, it's often the ideal fit.

The duration depends on the scope — a targeted network pen test might take a few days, while a comprehensive assessment of a complex environment can take two to three weeks. Every engagement concludes with a detailed report that includes an executive summary, a full list of findings ranked by risk severity, evidence of exploitation, and a prioritized remediation roadmap your team can act on immediately.

A vulnerability assessment identifies and catalogues known weaknesses in your environment using automated scanning tools and manual review. A penetration test goes further — our team actively attempts to exploit those weaknesses to demonstrate real-world impact. Both are valuable, and we often recommend starting with an assessment to build a baseline before moving to a full penetration test.

We run a Net Promoter Score (NPS) survey quarterly, and our current score is 85 — well above the industry average. NPS measures how likely our clients are to recommend us, which we treat as a direct reflection of the quality of our service and our team. You can read what our clients say about us on our website.

We work across a wide range of sectors, with particular depth in professional services, finance, legal, healthcare, and technology companies. Our compliance expertise covers PCI DSS, HIPAA, NIST, GDPR, and ISO 27001 — frameworks that map directly to the regulatory environments many of our clients operate in. If you're in a regulated industry, we know the landscape.