Stage 03 · Ongoing operations

Your security program,
permanently run.

After the Sprint, we become your managed security function. Three tiers — from core operations to full security ownership. Pick the level that matches where you are today. Upgrade as you grow.

Trusted by growing companies

UGC Masters Swapkaart Brain Donors Creative Corner Codelevate Craft Policy

How it works

Not a support contract.
A security operation.

Managed services from Veratlas is the ongoing operation of the security baseline we built during the Sprint. It's not reactive IT support — it's a structured program with reporting, evidence generation, and compliance maintenance built in.

01

Continuous operations

Every endpoint managed, every identity monitored, every offboarding executed and documented. Not when incidents happen — continuously.

02

Evidence generation

Monthly evidence packs, quarterly access reviews, audit logs with defined retention — all generated as part of normal operations, not scrambled together before an audit.

03

Strategic oversight

At the upper tiers, vCISO advisory sessions, risk register maintenance, and board-ready security reporting keep security aligned with company direction.

Secure perimeter

Network security built in,
not bolted on.

Every tier includes network-layer protection. We design, deploy, and manage the infrastructure that keeps your perimeter tight and your traffic clean.

Zero Trust Network Access (ZTNA)

Replace legacy VPNs with identity-aware, application-level access. Users connect only to the resources they need — nothing more. Every session verified, every connection logged.

DNS filtering & threat protection

Block malicious domains, phishing sites, and command-and-control traffic at the DNS layer — before they reach endpoints. Policies follow users regardless of location.

Email security & anti-phishing

Advanced email filtering, DMARC/DKIM/SPF configuration, impersonation protection, and attachment sandboxing. We manage the full email security stack for Microsoft 365 and Google Workspace.

Firewall & network segmentation

Cloud-managed firewalls, micro-segmentation policies, and traffic inspection. We design network architecture that contains breaches and satisfies compliance requirements for PCI DSS, ISO 27001, and SOC 2.

Choose your tier

One relationship.
Three levels of coverage.

Every tier builds on the previous one. Start where you are. Upgrade as your compliance requirements evolve.

01 / Core security operations
The Security Baseline™
"We secure your environment and keep it running."
From €85/user
per month · 12-month minimum · 30 user minimum
  • Endpoint management — MDM, encryption, patching
  • EDR/antivirus deployment and monitoring
  • Identity & access management — SSO, MFA, JML
  • DNS filtering & email security (DMARC/DKIM/SPF)
  • Cloud backup management
  • Enterprise password manager
  • Monthly security posture report
  • Documented offboarding execution
  • Helpdesk — 8x5, 8-business-hour SLA
Full tier details
02 / Compliance-led teams Most Popular
The Compliance Engine™
"We secure your environment, prove it to auditors, and reduce your human risk."
From €120/user
per month · 12-month minimum · 40 user minimum
  • Everything in The Security Baseline™
  • Security awareness training — managed & tracked
  • Quarterly phishing simulations with risk scoring
  • Monthly ISO/SOC 2 evidence pack generation
  • Quarterly access reviews — all systems
  • External audit support (Stage 1 & 2)
  • Security questionnaire support (4/quarter)
  • vCISO advisory — quarterly strategy sessions
  • SLA: 4-hour standard, 2-hour critical, 8x5
Full tier details
03 / Full security ownership
The Full Fortress™
"We are your security department. From endpoint to boardroom."
From €165/user
per month · 12-month minimum · 50 user minimum
  • Everything in The Compliance Engine™
  • ZTNA deployment & management
  • Firewall & network segmentation
  • vCISO function — monthly strategy sessions
  • Board & investor security reporting (quarterly)
  • Vendor risk assessments (6/quarter)
  • Annual tabletop exercise
  • Policy review cycle — annual, ISO-aligned
  • Security architecture review for new tools
  • Priority SLA: 4-hour standard, 1-hour critical, 24x7
Full tier details

All tiers require a completed Security Assessment or 90-Day Accelerator. See full pricing comparison →

Everything starts with
the Assessment.

Book a Fit Call. We'll confirm fit, scope the Assessment, and within 90 days you'll have a fully managed security program running.

Book a Fit Call