Outcomes, not activity
A selection of recent engagements. Client names withheld by default — we'll share referenceable details in conversation where clients have agreed.
Fintech: SOC 2 Type II in one audit cycle
A payments startup needed SOC 2 to unblock two enterprise deals. Gap assessment to clean Type II report, with evidence automation their team still runs today.
Manufacturer: segmenting a connected plant
Post-assessment, we redesigned IT/OT segmentation for a mid-size manufacturer and built a ransomware playbook tested against their actual recovery times.
SaaS: pentest findings to secure SDLC
Annual pentests kept finding the same bug classes. We moved the fixes upstream — developer training and CI checks cut repeat findings by the following cycle.
These summaries are illustrative placeholders pending client-approved publication. Ask us for relevant references during scoping — we'd rather connect you with a real client than show you a polished logo wall.