Enterprise AI Cybersecurity
6 service lines. 30+ years of real field experience. Custom agentic workflows. No third-party cloud, no intermediaries – direct access to the architect who does the work.
Private LLMs & AI Agents
100% on-premise language model deployment on your infrastructure or mine. No data leaves your perimeter. Zero dependency on OpenAI, Anthropic or Google. Zero inference cost after deployment.
Qwen3.5, DeepSeek, Llama 3, Mistral – adapted to your domain: legal, industrial, technical, financial
Chroma, Pinecone, Weaviate, FAISS + LlamaIndex/Haystack for secure internal knowledge bases
LangChain, LangGraph, CrewAI, n8n – with custom security hardening filtering all agent traffic
Rootless Podman, Rocky Linux, SELinux. Enterprise production from day one
Secure endpoints to integrate agents into your CRM, ERP, legal or any internal workflow
No usage data, no external logs, no third-party API keys in the pipeline
MLSecOps & Adversarial Defence
AI pipelines are attackable. Data poisoning, prompt injection, model evasion, membership inference, model inversion – the OWASP Top 10 for LLMs documents what attackers already know. We secure the complete MLOps lifecycle, from dataset to production endpoint.
MITRE ATLAS + OWASP Top 10 LLMs applied to your architecture. Attack vector identification before real attackers find them
Dataset validation, checksums, training environment isolation, granular access control per model
ART (Adversarial Robustness Toolbox), CleverHans, TF Privacy. Robustness testing before production
Drift detection, output anomalies, production prompt injection attempts with real-time alerts
Full alignment with the NIST AI Risk Management Framework: Govern, Map, Measure, Manage
AI system risk-level classification, technical documentation, log registry for regulatory audits
AI-Augmented Red/Blue Team
Attackers already use AI. FraudGPT, WormGPT, automated OSINT, generative phishing, auto-generated exploits. We simulate exactly what they are doing – before they do it to you. On the defensive side, we automate threat hunting and SIEM so your team detects in minutes what used to take weeks.
Metasploit, Burp Suite, Cobalt Strike augmented with AI agents for automated reconnaissance, privilege escalation and lateral movement
Automated collection and correlation of public intelligence on your company, employees, suppliers and attack surface
Agents monitoring anomalous behaviour 24/7 with updated RAG threat intelligence. LLM-generated hypotheses, validated by the architect
Fine-tuning models on your real logs to reduce noise, prioritise alerts and auto-generate playbooks
Red team based on techniques most used in your sector and region. Atomic Red Team + AI agents for maximum coverage
Joint offensive-defensive exercises so your team learns to detect in real time. With or without an in-house SOC
ICS/OT Industrial Security
Industrial environments are the target of the most sophisticated attackers. Ransomware like LockBit, Colonial Pipeline, Norsk Hydro – all started with poor IT/OT segmentation or exposed industrial protocols. With direct experience in 24/7 production ICS/OT environments, we design architectures that guarantee operational continuity and real security.
Full audit of current state against the ISA/IEC 62443 standard. GAP analysis, Security Levels (SL), prioritised remediation plan
Design and implementation of the Purdue model: security zones, conduits, industrial DMZ. Firewalls, managed switches, VLANs
Baselining of normal industrial behaviour + AI agents detecting deviations in real time. Compatible with Claroty, Nozomi
Modbus, DNP3, OPC-UA, Profinet, EtherNet/IP – traffic analysis, encryption where possible, access control
ICS-specific playbooks. Containment without affecting production. Validated recovery. Communication with SCADA/DCS vendors
Proxmox + OPNsense infrastructure to simulate OT topologies without risk to real production
AI-Automated Compliance
Manual compliance does not scale. Hundreds of controls, scattered evidence, annual audits that turn into months of manual work. We implement compliance with AI: automated audits, real-time evidence collection, CISO dashboards, and we pass audits on the first attempt.
Gap analysis, ISMS design, control implementation, training, internal audit and support through to certification. Internal Lead Auditor
Criticality assessment, implementation of the 10 NIS2 minimum requirements, incident notification, supply chain management
Processing registry, DPIA, legal basis, data subject rights, breach management. DPO certification available
AI system risk-level classification, required technical documentation, EU AI Act registry, conformity for high-risk systems
AI agents continuously collecting evidence, detecting deviations and automatically generating auditable reports
Real-time control panel: control status, evidence, KRIs, notifications, full traceability for leadership
CISO as a Service / Senior Architect
Not every company needs a full-time CISO. But every company needs someone who understands real risk, speaks the board's language, and knows what to do when the alarm goes off. With 30+ years of real experience as de facto CISO in companies of 40+ employees, we offer that role – as vCISO, temporary in-house or senior B2B consultant.
Senior security direction part-time. Bi-weekly or monthly meetings with leadership. Strategic security decision-making
12–24 month security plan. Risk-based prioritisation. Budget, priorities, communication to investors and regulators
Availability for critical incidents. Technical coordination and communication with leadership, clients and regulators. Pre-defined playbooks
Available for temporary or permanent senior in-house positions. Secure digital transformation, cloud migration, DevSecOps
Security assessment for M&A, investor audits, supplier certifications or public tender processes
Awareness sessions for leadership and board. AI risk, NIS2, sector cyberattacks. No technical jargon – business impact focus
De facto CISO, 40+ employees. ISO 27001, NIS2, Zero Trust, ML SIEM, DevSecOps CI/CD, DPO AEPD
De facto CISO, national education platform. Cloud migration, GDPR student data, €4K/month saved AWS→GCP
Founder and senior architect. B2B clients Spain and Europe. MLSecOps, private LLMs, ICS/OT, compliance
Packs by Company Size
Pre-defined combinations for the most common scenarios. All packs are customisable. Price on request – scope is defined in the first free technical meeting.
SMEs · 10–50 employees
Companies without an internal security team. First certification. NIS2/GDPR regulatory pressure.
- Initial security audit (GAP analysis)
- Basic NIS2 implementation (10 minimum requirements)
- GDPR: processing registry + breach management
- Basic local LLM (Ollama + Llama/Mistral) for 1 use case
- Basic endpoint + network hardening
- 1 C-level / leadership awareness session
- Simplified CISO dashboard
- Email support 3 months post-implementation
Mid-market · 50–200 employees
Companies with high regulatory pressure, sensitive data or AI ambition without data risk.
- Everything in Starter Pack +
- Full ISO 27001 (through to certification)
- MLSecOps: hardening of existing AI pipelines
- Private LLMs: 3 use cases with RAG
- Basic Red Team (1 exercise/year)
- SIEM optimisation with fine-tuned LLMs
- Monthly vCISO (4h/month security direction)
- EU AI Act: classification + documentation
- Priority support 6 months
Critical infrastructure · ICS/OT
Industrial, utilities, critical logistics, healthcare. Environments where failure is unacceptable.
- Everything in Growth Pack +
- Full ISA/IEC 62443 assessment
- IT/OT Purdue segmentation design
- OT anomaly detection with AI (real time)
- Specialised ICS/OT Red/Blue Team
- OT incident response playbooks
- Isolated test lab
- 99.95% architect availability SLA
- On-site OT technical team training
- Weekly vCISO included
Packs are indicative. Each engagement is defined in a first free technical meeting (30 min) with no commitment. Book a meeting.
Fixed-Price Security Services
No long contracts. No complex scope. One deliverable, one price, one day. Each service is a standalone engagement – and each one reveals where the real risk is.
OSINT Exposure Scan
What does an attacker see about your company right now? Leaked credentials, exposed infrastructure, employee data – all indexed and available to anyone who knows where to look.
Dark Web Search
Are your employees' passwords already for sale? We scan dark web databases for your corporate domain and alert you to every compromised account before an attacker uses it.
Web Vulnerability Scan
Your website is your most visible attack surface. We scan for SQL injection, XSS, broken authentication, outdated plugins and misconfigured SSL – exactly as an attacker would.
Access & Password Audit
80% of breaches start with a compromised password. We audit your password policy, MFA status, shared accounts, inactive users and over-privileged access.
WordPress Hardening
43% of the web runs on WordPress. Attackers know every vulnerability of every plugin by heart. Full hardening of your installation, attack surface reduction and admin access locked – same day.
Corporate Email Security
Without SPF, DKIM and DMARC, anyone can send emails impersonating you. We configure your DNS records correctly, verify deliverability and close the door on spoofing – in under 3 hours.
Microsoft 365 Security Audit
Microsoft 365 ships insecure by default and most SMEs never change it. We audit your tenant: MFA, conditional access, Exchange, security alerts and Teams – and apply the approved changes the same day.
Backup Audit
Most companies discover their backup does not work when they need it most – after a ransomware attack. We verify your backup policy, run a real restore test and fix what fails before it costs you everything.
GDPR Express Review
Fines reach €20M or 4% of global turnover. Most SMBs are not compliant – they just haven't been inspected yet. We review your processing records, consent flows and breach procedure in 3 focused hours.
Does NIS2 Apply to You?
NIS2 is mandatory in Spain since October 2024. Penalties up to €10M. Many companies in energy, transport, manufacturing and digital infrastructure are affected and don't know it. Find out in 2 hours.
Phishing Simulation
91% of cyberattacks start with a phishing email. We send a realistic simulated campaign to your team (up to 20 users), measure the click rate and show you exactly where the human risk lies.
Incident Response Kit
Do you know what to do Monday 8am if you're told you were hacked Friday at 6pm? We create a real, usable incident response plan: who calls who, what to disconnect first, how to notify clients and regulators. A 1-page document your team can follow under pressure.
Fixed prices. No contract. Each Quick Win is a standalone engagement. Questions? Book a free 15-min call.