CICS

Predict tomorrow.
Protect today.

Swiss Intelligence · Proactive by Design

Our Approach

Proactive by design

We engage the adversary as early as their operation allows: while infrastructure is still staging (SENTINEL), as the routes form (HARBINGER), and the moment they cross your perimeter (VANGUARD). Your existing stack takes over from there.

Signal, not noise

A leaked credential is a datapoint. A deduplicated, attributed list is information. The one route it opens to your crown jewels is intelligence, and only the last is worth your time.

The adversary's eye view

We map your estate the way an operator reads it, from outside the perimeter and from inside it: which identities they would reuse, which paths they would walk. Not a vulnerability list; the route.

Analysts, not just algorithms

Every finding is read by an analyst and validated against your real environment before it reaches you. Patient, specific, one line you can defend.

Bespoke Engagements

Beyond managed services, we conduct tailored engagements scoped to your environment, your threat model, and your operational constraints. We get our hands dirty.

  • Defence Validation — reproduce real adversary behaviour in your environment under controlled conditions. Deliver validated detection rules and the custom tooling used — yours to keep.
  • Detection Engineering — custom detection rules built for your stack, your threat landscape, and your telemetry. Not generic templates — tested against real attack patterns.
  • Custom Intelligence Analysis — deep-dive investigations into specific threats: ransomware leak exposure, supply chain compromise assessment, credential cascade analysis, sector-specific threat actor profiling.

References available on request under NDA. Start a conversation to discuss scope.

Sectors

We operate in regulated and contested environments across Central Europe. Our services align with NIS2, KRITIS, and sector-specific regulatory frameworks.

Energy & Utilities
Government
Aviation
Critical Infrastructure

Who We Are

We do not publish names or photographs. The nature of our work requires discretion. What we can share:

Since 2020 Operating continuously
Swiss Operations & data residency
CTI Core disciplines
Operator-led Practitioners, not consultants

Our analysts and engineers come from backgrounds in national security, military cyber operations, critical infrastructure defence, and threat intelligence.

We welcome security audits of our infrastructure and operations. DPA and NDA available on request.

Get in Touch

Engagements begin with a conversation. No sales decks, no demos on demand — we discuss whether there is a fit.

Your data is processed under Swiss jurisdiction. See our privacy policy.

Direct

Security

Address

Grabenstrasse 15a
6340 Baar, Switzerland