Pricing & Packaging

Clear packaging. Scoped to your estate, not a sales target.

We publish what is included, who each tier suits, and how long onboarding takes. Pricing itself is built from a short scoping conversation — because security cost depends on what you actually need to protect, not a per-seat sticker.

SME packages

Three tiers for small and mid-sized businesses.

Designed for organisations from 10 to 250 users. Each tier builds on the previous one — start where you are and move up as your obligations grow.

Essential

Foundational protection for growing businesses.

Ideal size
Up to 25 users / 50 assets
Onboarding
10–15 working days

Baseline visibility and hygiene for organisations starting their security programme or replacing ad-hoc tooling.

  • VMaaS — monthly internal and external vulnerability scans
  • Asset inventory and risk-ranked remediation guidance
  • Cyber Essentials readiness checklist and gap report
  • Quarterly service review with a named engineer
  • Email and ticket support during business hours

Standard

Active management for established SMEs.

Ideal size
25–100 users / up to 250 assets
Onboarding
15–20 working days

Continuous coverage, prioritised remediation and reporting suitable for boards, insurers and most client audits.

  • Everything in Essential
  • Weekly authenticated scans with remediation tracking
  • Managed Security monitoring of core systems and identity
  • Monthly governance pack with metrics and risk register
  • Cyber Essentials Plus assessment included annually
  • Same-business-day response on high-priority issues

Advanced

Higher-assurance SMEs handling sensitive data.

Ideal size
75–250 users / up to 500 assets
Onboarding
20–30 working days

For SMEs with regulatory exposure, supply-chain scrutiny or critical client contracts that require evidenced controls.

  • Everything in Standard
  • Continuous external attack surface monitoring
  • Annual external penetration test (defined scope)
  • Phishing awareness programme — quarterly campaigns
  • ISO 27001 control-mapping pack for audit defence
  • Named senior engineer and quarterly executive briefing
Mid-market & regulated

Two tiers for regulated and mid-market clients.

Built around formal governance, defined SLAs and the evidence regulators, auditors and insurers expect. Both tiers are delivered against a written statement of work.

Regulated Core

Mid-market organisations under regulatory oversight.

Ideal size
250–1,000 users / 500–2,500 assets
Onboarding
4–6 weeks

A structured programme for financial services, legal, healthcare and other regulated clients that need formal governance and auditable evidence.

  • VMaaS across internal, external, cloud and container estates
  • 24×7 Managed Security monitoring with documented runbooks
  • Quarterly internal and external penetration tests
  • Compliance support: ISO 27001, DORA, NIS2, FCA, CQC alignment
  • Monthly governance pack and quarterly board-level review
  • Named delivery lead, technical lead and account manager
  • Defined SLAs with credits for missed response targets

Regulated Enterprise

Complex, multi-entity or critical-infrastructure clients.

Ideal size
1,000+ users / multi-site or multi-cloud
Onboarding
6–10 weeks, phased

Bespoke programme for organisations with complex environments, multiple regulators, or third-party assurance obligations across a supply chain.

  • Everything in Regulated Core
  • Dedicated SOC pod and security architect
  • Continuous red-team-style testing and purple-team exercises
  • Incident response retainer with on-site mobilisation
  • Third-party risk and supply-chain assurance support
  • Custom reporting aligned to your control framework
  • Joint governance forum with your CISO and risk function
Enterprise

Built for the largest and most complex organisations.

A bespoke programme for multi-region estates, critical national infrastructure, and global supply chains that require a dedicated security partnership rather than a standard service agreement.

Enterprise

Global and complex organisations with critical infrastructure.

Ideal size
5,000+ users / multi-region or critical national infrastructure
Onboarding
10–14 weeks, phased mobilisation

For the largest organisations with complex multi-region environments, critical national infrastructure obligations, or global supply-chain assurance requirements that demand a bespoke security programme.

  • Everything in Regulated Enterprise
  • Global SOC coverage with regional delivery leads
  • Continuous assurance across multi-cloud, OT and legacy estates
  • Bespoke threat intelligence and adversary simulation
  • Board and regulator-facing risk reporting
  • Dedicated security architect and vCISO support
  • Custom SLA frameworks with executive escalation paths
Add-ons

Available with any tier.

Bolt-on services for organisations that need targeted capability without changing their core package.

Penetration testing

industry-standard external, internal, web application, cloud and segmentation testing. Scoped per engagement, with a debrief and remediation walkthrough.

Phishing awareness

Scheduled simulated phishing campaigns with role-based training, manager dashboards and reporting suitable for insurers and auditors.

Incident response retainer

Pre-agreed response terms, named responders, and guaranteed mobilisation windows. Unused hours convert to tabletop exercises or readiness reviews.

Compliance toolkit

Policy templates, control-mapping workbooks and evidence registers for Cyber Essentials, ISO 27001, DORA and NIS2. Reviewed annually by our compliance lead.

How pricing is calculated

No per-seat guesswork. Three factors, openly discussed.

We build a price from your environment, not a published rate card. Every quote shows what is included, what is excluded, and which assumptions drive the figure.

Assets in scope

Endpoints, servers, cloud workloads, identities, network devices and applications. We count what we monitor or test — not your full estate unless you want us to.

Scope and coverage

Which services apply, which environments are included, hours of coverage, and the depth of reporting. A clear scope is the single biggest factor in keeping cost predictable.

Complexity

Multi-cloud, hybrid identity, legacy systems, regulatory overlays and integration with your existing tooling all increase engineering effort. We make these visible during scoping.

When manual intervention may change cost: confirmed incidents requiring extended forensic work, scope expansions agreed in writing, integrations with bespoke or legacy systems, and remediation work delivered by our engineers rather than handed back. Any change is quoted before work begins — never invoiced as a surprise.

Next step

Book a fixed-fee scoping workshop.

A structured half-day session with a senior engineer. You leave with a defined scope, an indicative price, and a written recommendation — whether or not you proceed with us.

Request a Scoping Workshop