Consulting
EvoSec provides a broad range of cybersecurity consulting services designed to meet the unique needs of your business. We deliver independent, unbiased assessments, including evaluations of third-party services, so that you can make informed decisions with confidence. The consulting services outlined below represent only part of what we offer. If you require support that isn’t listed, we encourage you to get in touch. EvoSec will either provide the expertise directly or connect you with a trusted partner who can assist.
Breach & Attack Simulation
Our Breach & Attack Simulation (BAS) consultancy service provides point-in-time security control validation, giving you clear visibility of how well your defenses stand up to modern threats. Please see the additional notes within the Q&A below.
Compliance
Our Compliance Consultancy service supports your organization throughout its compliance journey. We specialize in frameworks such as CIS, Essential 8, and SMB1001, helping you interpret requirements, map them to practical security controls, and implement them effectively.
Microsoft 365 Assessment
Ensures your business is getting the most value from its current Microsoft 365 investment. EvoSec validate that your existing licence tier is the right fit for your business requirements, perform a detailed review of how the included features are being utilized, and measuring alignment against industry best practices.
Security Controls Assessment
EvoSec works alongside your internal IT team or external security providers to independently validate the effectiveness of your existing security controls. Our assessment identifies strengths, weaknesses, and coverage gaps, ensuring your business is protected.
SIEM Assessment
In-depth technical assessment of your existing SIEM deployment, tailored for larger organizations with dedicated internal security teams. Includes detection rules and platform configuration. Ensuring your SIEM is operating at peak effectiveness.
SMB1001 Certification
As a licensed user of the SMB1001:2026 standard and holder of SMB1001 Gold Certification, EvoSec is uniquely positioned to guide your business through the certification process. We provide end-to-end support, from preparing your environment and aligning security controls.
Common Questions
We have added a couple answers here for some common questions. If you have a question that has not been covered, or would like a service that has not been listed, please reach out to us.
Can the Breach & Attack Simulation be used in place of penetration testing?
Breach & Attack Simulation does not take the place of penetration testing. It is a supplementary service that can help identify gaps and develop additional detection rules or implement additional controls to protect your business, while it does help identify gaps which would typically be identified during a penetration testing engagement, the human element in penetration testing provides better results than BAS in most cases.
Do you recommend your own services in the Security Controls Assessment if I have an external company offering managed security services?
EvoSec are focused on improving your cyber security posture. We do not use our assessments as a way to sell our managed services unless critical shortcomings were identified during the assessment.
Our assessments are aimed at providing you with unbiased findings and recommendations to help you improve your security posture, including recommendations that would help your existing managed service provider improve their coverage.
We have “XYZ” SIEM that is managed internally, is this covered by your SIEM Assessment?
EvoSec can provide our SIEM Assessment for the following solutions:
- Elastic / ELK
- LogRhythm
- Microsoft Sentinel
- Wazuh