Our Services

Seven service lines, designed for SMEs across Malaysia and ASEAN.

More than vendor-led security, less than a full enterprise consulting engagement. Every engagement is fixed-fee, expert-led, and scoped tight.

The A.C.E. Methodology
Assess. Control. Evolve.
vC

vCISO โ€” Virtual / Fractional CISO

Fractional CISO leadership delivered on a monthly retainer. Board reporting, security governance, vendor risk reviews, compliance roadmap, and an experienced security voice in your management meetings. For SMEs that need expert security oversight without the cost of a full-time hire.

From RM5,000 / month (8 hours min.)
Book a vCISO discovery call
RA

Cyber Risk Assessment

A point-in-time evaluation of your security posture against ISO 27001, NIST CSF, or PDPA. You receive an executive summary, a prioritised risk register, and a 12-month remediation roadmap. Fixed scope, fixed fee, 3โ€“4 week delivery.

From RM12,000 / engagement
Request a scoping call
CMS

Crisis Management Simulation

Board and C-suite tabletop exercises that test executive decision-making under pressure. Custom scenario design, facilitated session, after-action report focused on governance, communications, and escalation gaps. For boards that want to know how they'll perform before it counts.

From RM8,000 (half-day) / RM15,000 (full-day)
Book a board tabletop
ITT

IT Tabletop Exercises

Operational tabletops for IT, SOC, and incident response teams. Multiple technical scenarios in a single session โ€” phishing, ransomware, supply-chain compromise, cloud misconfiguration. Tests playbook execution, runbook gaps, and multi-team coordination.

From RM6,000 (half-day) / RM10,000 (full-day)
Book an IT tabletop
PT

Penetration Testing

External, internal, web application, or cloud penetration testing performed by certified engineers using CREST and NIST SP 800-115 methodology. You receive an executive report, a technical report, and a free retest of remediated findings within 60 days.

From RM15,000 / engagement
Request a pentest scope
DF

DFIR Retainer

Pre-paid digital forensics and incident response capacity with SLA-backed response times. Monthly hours can be drawn down for proactive readiness work (log review, IR playbook updates, threat hunts) or held in reserve for incident response when you need it.

From RM3,000 / month (10-hour retainer)
Activate a DFIR retainer
OT

OT Security Advisory

Operational Technology and ICS security: IEC 62443-aligned assessment, IT/OT segmentation review, ICS/SCADA security architecture, OT asset inventory, and security advisory for IT/OT convergence projects. For manufacturers and infrastructure operators that can't afford OT downtime.

From RM18,000 / engagement
Request an OT scoping call

Not sure which engagement fits?

Tell us what's keeping you up at night. We'll recommend the right starting point โ€” even if it isn't us.

Get a scoping call
Frameworks & Standards

The standards we work to.

ISO 27001
NIST CSF
NIST 800-53
NIST 800-115
CIS Controls v8
MITRE ATT&CK
PCI-DSS
PDPA Malaysia
BNM RMiT
MAS-TRM
IEC 62443
OWASP

Ready to scope an engagement?

Book a free 30-minute discovery call. We'll tell you whether one of our seven service lines fits โ€” and if it doesn't, we'll tell you what does.

Book a discovery call