Security and identity - protecting your systems, your data and your users
Modern security goes beyond firewalls. It encompasses who can access what, how identities are verified, and how your infrastructure defends itself against evolving threats. We deliver all of this as a managed service, hosted wherever your business needs it.
Our Security & Identity platform covers three critical layers:
Identity & Access Management: Keycloak provides enterprise single sign-on, directory federation with Entra ID, Google Workspace and LDAP, fine-grained authorisation and multi-factor authentication - centralising how your users and systems authenticate across every application.
Infrastructure Security: Penetration testing, managed web application firewalls and systems hardening ensure your attack surface is continuously assessed and defended against known and emerging threats.
KYC & Compliance: OpenKYC provides document verification, facial biometric matching, liveness detection and AML screening for regulated industries that must verify customer identity before onboarding. Self-hosted infrastructure with no per-verification fees.
Operational Resilience: Every security service we provide is architected for high availability with automated failover, continuous monitoring and 24/7 alerting. Security that goes down when you need it most is not security at all.
Hosted Anywhere: All our security and identity services run on our own infrastructure but are fully deployable to AWS, Azure, Google Cloud or your own on-premise environment. We are platform-agnostic - your security posture should not depend on a single vendor.
Our Services
Keycloak Identity & Access
Enterprise SSO, directory federation and identity management with Entra ID, Google and LDAP integration
Authentik Identity Provider
Open source single sign-on with OIDC, SAML, passkeys and forward auth for apps without native SSO
Systems Security
Protecting Your Systems: Advanced Security Solutions
Full Penetration Testing
Penetration testing, also known as pen testing, is a security drill where a cybersecurity professional tries to identify and exploit weaknesses in a computer system
Light Penetration Testing
An automated test checking for known vulnerabilities that should be reviewed
Host Managed WAF
Web application firewall hosted and managed by us
KYC Verification
Open source Know Your Customer verification with document checking, liveness detection and AML screening
DocuSeal Document Signing
Open source electronic signatures and document workflows with no per-document fees
Frequently asked questions
What is Keycloak and how does it compare to Okta or Auth0?
Keycloak is an open source identity and access management platform that provides the same capabilities as commercial products like Okta and Auth0, including SSO, MFA and directory federation, but without per-user licensing fees. It integrates with Entra ID, Google Workspace and LDAP.
Can Keycloak integrate with our existing Microsoft Entra ID?
Yes. Keycloak federates with Entra ID so employees continue using their Microsoft credentials while Keycloak extends SSO to all your applications, including those that Entra ID cannot reach natively.
What is the difference between full and light penetration testing?
Full penetration testing involves manual testing by security professionals who simulate real-world attacks on your systems. Light penetration testing uses automated scanning tools to check for known vulnerabilities. We recommend starting with a light test and progressing to full testing for critical systems.
Do you provide ongoing security monitoring?
Yes. Our managed WAF and systems security services include continuous monitoring, automated alerting and incident response. We architect all security services for high availability with automated failover.
What is OpenKYC and which industries need KYC verification?
OpenKYC is an open source Know Your Customer platform providing document verification, facial biometric matching, liveness detection and AML screening. KYC verification is a legal requirement for financial services firms, fintechs, crypto exchanges, insurance providers and legal firms under AML and CTF legislation.