2026 service catalog

Ten service lines to protect your organization

We cover the full cybersecurity lifecycle: identify, protect, detect, respond and recover. Each service is modular and delivered as a one-time project, ongoing retainer or annual program.

The portfolio at a glance

Ten lines, one single partner

Choose the service you need or explore the detail further down. Each line is modular and delivered as a one-time project, ongoing retainer or annual program.

01

Ethical Hacking

Pentesting across 8 attack surfaces (web, API, mobile, infrastructure, Active Directory, wireless, OT…) with PTES/OWASP and CVSS 4.0.

OffensiveOWASPPTES
View detail 02

Red Team & Purple Team

Adversarial simulation (APT, ransomware, insider attacker) mapped to MITRE ATT&CK; measures real detection and response.

AdversarialMITRE ATT&CKPurple
View detail 03

Detection & Response

DFIR, incident response, SOC audit and threat hunting. Retainer or on-demand model with a 4h SLA.

DFIRNIST 800-614h SLA
View detail 04

GRC & vCISO

Governance, Risk & Compliance aligned to ISO 27001, NIST CSF and CIS v8.1, with CISO as a Service for executive guidance.

ISO 27001NIST CSFvCISO
View detail 05

OT / ICS Security

Operational technology and industrial control security with a non-disruptive methodology, aligned to IEC 62443 and NIST 800-82.

IEC 62443Non-disruptive
View detail 06

DevSecOps

Security integrated into the development lifecycle (Shift Left): SAST · DAST · SCA, ASVS/MASVS coverage and threat modeling.

Shift LeftSAST·DASTASVS
View detail 07

Digital Forensics

Forensic examination with a rigorous chain of custody (ISO 27037/27042, RFC 3227); reports admissible before the competent authority.

LegalISO 27037Chain of custody
View detail 08

Cyber Threat Intelligence (CTI)

Actionable threat intelligence and Brand Protection: fraudulent domains, fake profiles, leaked credentials and takedowns.

CTIOSINTTakedown
View detail 09

Vulnerabilities & Cloud

Continuous vulnerability management and cloud security (AWS · Azure · GCP), powered by VulnMan and aligned to NIST CSF 2.0.

VulnManCloudNIST CSF 2.0
View detail 10

Training (ATC)

Authorized Training Center for EC-Council and CertiProf; official courses and awareness programs with certified instructors.

Official ATCEC-CouncilCertiProf
View detail
01

Ethical Hacking

Offensive OWASP PTES ASVS MASVS

Identification of vulnerabilities across 8 attack surfaces using standardized methodologies (PTES, OWASP Testing Guide) and CVSS 4.0 classification.

Surfaces covered

  • Web Applications and REST/GraphQL APIs
  • External infrastructure (perimeter)
  • Internal infrastructure (corporate network)
  • Mobile applications (Android · iOS)
  • Wireless networks (Wi-Fi · IoT)
  • Active Directory Security Assessment (Kerberoasting · AS-REP · AD CS ESC1-13 · BloodHound · tiering model)
  • ATM · POS · OT/IoT
  • Source code review (SAST)

Deliverables

  • Technical report with detailed findings (CVSS 4.0 · MITRE ATT&CK)
  • Executive summary for management (one-pager)
  • Prioritized remediation tracker with SLA by severity
  • Retest of critical findings within 60 days at no extra cost
02

Red Team & Purple Team

Adversarial MITRE ATT&CK Assumed Breach OSINT Purple Team

Adversarial simulation of advanced attacks (APT, ransomware, insider attacker) mapped to MITRE ATT&CK, following our 8-phase methodology (reconnaissance, initial compromise, persistence, privilege escalation, internal reconnaissance, lateral movement, data analysis and exfiltration). It measures your real detection and response posture. Optionally followed by a Purple Team session for collaborative improvement.

Typical scenarios

  • Compromise from the Internet (web · phishing)
  • Insider attacker with low privileges
  • Lateral movement and escalation
  • Persistence and exfiltration
  • Attack on Active Directory
  • Cloud compromise (AWS · Azure · GCP)

Deliverables

  • Executive + technical report of the operation
  • Attack chain mapped in MITRE ATT&CK Navigator
  • List of detections achieved/missed with the SIEM
  • Detection improvement recommendations (Purple Team add-on)
03

Detection & Response — DFIR · IR · SOC Audit · Threat Hunting

Response NIST 800-61 SOC Audit Retainer / On-demand 4h SLA

Forensic and incident response capabilities with two models: monthly retainer with a guaranteed SLA or on-demand response for active incidents.

Models

  • Monthly retainer with response SLA (4h · 8h · 24h)
  • On-demand response for active incidents
  • SOC audit: detection rules aligned to the business and use cases
  • Review of SOC metrics (MTTD / MTTR), training and recommendations
  • Proactive Threat Hunting (hypotheses + EDR / identity / DNS telemetry)
  • Compromise Assessment — "am I compromised right now?" (M&A / due diligence)
  • Malware analysis / Reverse Engineering (static and dynamic · IOC · YARA)

Crisis preparedness and simulation

  • Executive Tabletop Exercises (crisis war room)
  • Ransomware and Cyber Extortion simulation
  • DDoS and impersonation campaign simulation
  • Cyber Range and lessons learned

Deliverables

  • Forensic report with a detailed timeline and IoCs
  • Malware analysis with TTPs and attribution (when applicable)
  • Prioritized remediation plan with owners and timelines
  • Lessons learned and improvements to the IR program
04

GRC & vCISO

Strategic ISO 27001 NIST CSF CIS v8.1 ISO 22301

Strategic Governance, Risk & Compliance consulting aligned to international frameworks and local regulation. Includes CISO as a Service for ongoing executive guidance.

Services covered

  • Maturity assessment (ISO 27001 · NIST CSF · CIS Controls)
  • ISO 27001 ISMS implementation
  • Business Continuity Plan (ISO 22301)
  • Quantitative Risk Management (FAIR)
  • Regulatory compliance: PCI-DSS v4.0.1 · SWIFT CSP · SOC 2 · Law 29733 (Peru) · HIPAA / NYDFS (USA)
  • Third-Party Risk Assessment
  • Zero Trust Architecture
  • CISO as a Service

Deliverables

  • Maturity report with scoring by domain (charts)
  • Risk map with prioritization and quantification
  • Actionable roadmap with identified quick wins
  • ISMS documentation when applicable (policies, procedures)
  • Monthly progress metrics and dashboards
05

OT / ICS Security

Industrial IEC 62443 NIST 800-82 Non-disruptive

Specialized services in Operational Technology and Industrial Control Systems security, with a non-disruptive methodology for critical production environments.

Services covered

  • Independent OT/ICS audit (non-disruptive)
  • Controlled OT Red Team with a coordinated window
  • IT/OT segmentation analysis (Purdue model)
  • OT asset inventory with firmware and CVEs
  • Hardening aligned to IEC 62443
  • OT traffic monitoring (Claroty · Nozomi)

Deliverables

  • OT inventory with firmware and applicable CVEs
  • Current and target IT/OT segmentation map
  • Findings classified by operational risk
  • Prioritized recommendations IEC 62443 / NIST 800-82
06

DevSecOps

Shift Left ASVS / MASVS SAST · DAST · SCA

Integration of security into the software development lifecycle (Shift Left), from design to deployment, to build software that is secure by default.

Services covered

  • DevSecOps pipeline (SAST · SCA · DAST · IaC · Container)
  • ASVS / MASVS coverage by level
  • Developer training on the OWASP Top 10
  • DSO maturity assessment
  • Threat Modeling
  • Secure management of dependencies and secrets

Deliverables

  • Pipeline assessment with ASVS / MASVS coverage
  • Quarterly developer training plan
  • Implementation of quick wins (linters · scanners)
  • Adoption and improvement metrics with dashboards
07

Digital Forensics

Legal ISO 27037 ISO 27042 RFC 3227

Digital forensic examination for legal cases with a rigorous chain of custody, compliant with international standards. Reports admissible before the competent authority.

Use cases

  • Litigation and judicial proceedings
  • Internal investigations (fraud · data leaks)
  • Post-incident regulatory compliance
  • Corporate forensic audits

Deliverables

  • Expert report admissible before the competent authority
  • Bit-by-bit forensic image verified with a SHA-256 hash
  • Chain-of-custody log signed by the examiner
  • Technical appendices with relevant artifacts
08

Cyber Threat Intelligence (CTI)

CTI OSINT DRP Dark Web Takedown

Actionable threat intelligence over the organization's exposure surface. Its flagship application is Digital Brand Protection: early detection of fraudulent domains, fake profiles, targeted phishing and leaked credentials, with takedown coordination and legal response when applicable.

Coverage

  • Brand protection: monitoring of mentions and reputation
  • Detection of fraudulent domains (typosquatting · homoglyphs)
  • Identification of fake profiles on social media
  • Search for leaked credentials on the deep / dark web
  • Identification of targeted phishing campaigns
  • Monitoring of the external exposure surface
  • Takedown coordination with providers and registrars

Deliverables

  • Continuous monitoring dashboard with real-time alerts
  • Monthly report with findings, takedowns performed and metrics
  • Legal coordination for brand misuse cases
  • Actionable intelligence on active campaigns against the organization
09

Vulnerability Management & Cloud Security

VulnMan NIST CSF 2.0 Cloud IAM

Continuous vulnerability management and cloud environment security. Identification, prioritization and remediation tracking with end-to-end traceability, powered by VulnMan, our own vulnerability management platform.

Services covered

  • Continuous vulnerability management (scan · prioritization · remediation)
  • Cloud Security Review (config review on AWS · Azure · GCP)
  • IAM review and identity exposure
  • External exposure surface analysis
  • Exposure rating and findings traceability
  • Progress metrics aligned to NIST CSF 2.0

Deliverables

  • Access to VulnMan: vulnerability matrix with status and traceability
  • Exposure rating by asset and progress dashboards
  • Cloud Security report with prioritized findings
  • Remediation plan with tracking aligned to NIST CSF 2.0
Discover VulnMan
10

Specialized training

Official ATC EC-Council CertiProf Awareness

Layer 8 is an official Authorized Training Center (ATC) for EC-Council and CertiProf, with certified instructors (Certified EC-Council Instructor) and specialized courses taught by professionals with real operational experience.

Programs and courses

  • Web application and API hacking
  • Threat Hunting
  • Official EC-Council and CertiProf courses
  • Awareness program
  • Social Engineering (simulated phishing)
  • Developer training on secure development

Deliverables

  • Official certificates (EC-Council / CertiProf) for participants
  • Course material and hands-on labs
  • Certificates of attendance with clock hours of training
  • Knowledge assessment report (pre / post)

Which service do you need?

Tell us about your case and we'll put together a concrete proposal.

Start a conversation