Detection-as-a-Service for UK Businesses
CISSP-certified. 21 years in technology. 17 years in security. UK-based.
Enterprise SIEMs like Splunk or Microsoft Sentinel cost £50k+ annually in licensing alone, plus dedicated analysts on top. That's not realistic for most SMEs.
Building an in-house SOC requires shift coverage, training, and retention. Most SMEs don't have the headcount.
Cyber Essentials is mandatory for government contracts. Clients and insurers are asking about your security posture.
There's a better way.
Detection-as-a-Service gives you enterprise-grade SIEM and network detection, professionally configured and continuously tuned. A fraction of the cost of building it yourself.
SIEM and Network Detection and Response (NDR) configured for your specific environment. Tailored to your infrastructure and risk profile, not a generic template.
500+ detection rules active from day one. 250+ of these I personally engineered. Continuously tuned to reduce noise and catch real threats.
Alerts flow to your team with clear response guidance. Escalation support available on retainer for when you need expert eyes on serious incidents.
Let me be clear: This isn't a 24/7 call centre. It's expert detection engineering with direct escalation when it matters. You get the capability of a security team without the overhead of building one.
Indicative comparison only. Actual costs vary by vendor, configuration, and organisation size.
| | DIY Approach | Host Engineering |
|---|---|---|
| Monthly cost | ~£13,375 | From £3,500 |
| Annual cost | ~£160,500 | From £42,000 |
| What's included | SIEM license (Splunk, Sentinel, etc.) + 2 analysts | SIEM + NDR + expert tuning |
| Detection rules | Out-of-box, generic | 500+ rules, 250+ custom-built |
| 24/7 coverage | No (requires 5+ heads) | Available as paid retainer |
| Recruitment & retention | Your problem | Not your problem |
| Time to deploy | 3-6 months | 2-4 weeks |
| Who answers if it breaks | Your team | Me directly |
Starting from £3,500/month
Includes:
Not included:
24/7 on-call availability (available as a separate retainer — ask for details)
No hidden fees. No ingestion penalties.
Pricing based on compute capacity, not data volume.
To be direct: The base service does not include 24/7 availability. I'm not a call centre. You get expert detection engineering and business-hours escalation support. If you need out-of-hours on-call coverage, that's available as a signed retainer at additional cost. This protects both of us.
ISC2 certified since July 2023. The gold standard in information security.
Managed enterprise AV stack, built Splunk dashboards for enterprise-wide visibility at a major financial institution.
Wrote NIST-based SOPs and incident playbooks. Supported NHS trusts, critical national infrastructure, aviation, and transportation clients.
Personally engineered 250+ SIEM detection rules for the CyberQuest platform. This is the same platform I deploy for you.
Commissioned systems for National Grid. Gallagher certified for enterprise physical access control.
Installed and commissioned 8K PTZ surveillance systems for major port infrastructure and public venues.
Local accountability. No offshore concerns. Based in St Helens, Merseyside.
"I understand security from the physical wire to the SIEM alert. Most consultants came from helpdesk. I've commissioned systems for National Grid and managed security at Raymond James."
— Hani Darouich, CISSP
I answer my own phone.
We discuss your environment, risks, and requirements. No sales pitch. Just understanding what you need.
SIEM and NDR configured and tuned for your specific infrastructure. Tailored to you, not a template.
500+ detection rules active. Alerts start flowing. Continuous tuning to reduce noise and catch real threats.
Alerts flow to your team with clear guidance. Escalation support on retainer for serious incidents.
Most deployments complete within 2-4 weeks
Built on a platform trusted by European banks, telecoms providers, and critical infrastructure operators.
European banks and payment processors operating under strict regulatory oversight.
FTSE 100 telecoms providers protecting network infrastructure and customer data.
Energy grid operators and utilities where downtime affects millions.
NHS trusts and healthcare providers safeguarding patient data and clinical systems.
Whether you're a 50-person firm or a multinational, you get the same rigorous detection methodology.
Getting Cyber Essentials certified? The controls I deploy satisfy the technical requirements for ongoing protection, not just for the certificate. I work with certification bodies to ensure smooth assessments.
No pressure, no sales pitch. Just a conversation about your security needs and whether I can help.
I work directly with every client. To maintain quality, I take on a limited number of new engagements each quarter.