What we kept seeing
External SOC, in-house build, or interim? Often nobody knows the smartest next step.
How we work
First, clarity on where you stand and which routes are realistic.
OUR STORY
Security is not the mystery. The starting point usually is.
Web
Applications
Security
Operations
Training
Mentoring
Interim
Freelance
External SOC, build in-house, interim help, or invest in people and tooling? Many teams are unsure what makes sense right now. We help you see where you stand and which route fits.
What we kept seeing
External SOC, in-house build, or interim? Often nobody knows the smartest next step.
How we work
First, clarity on where you stand and which routes are realistic.
What we kept seeing
Big spends on contracts or tooling before the organisation knows what it actually needs.
How we work
Then choose what fits: external, in-house, interim, or a mix. No pressure to do everything at once.
What we kept seeing
Plenty of advice and options. Hard to pick one concrete next step.
How we work
Fixed scope and clear deliverables. You know what you get before work starts.
What we kept seeing
How we work
Noctulux delivers scoped cybersecurity services, built by a SOC architect who sat on both sides of the table. Web app security, external rating, SOC/SIEM, detection engineering, threat hunting, reporting, remediation validation. Fixed scope and fixed deliverables per engagement, with output engineers and leadership can use.
noctulux-core · expertise map
Noctulux expertise
Architectuur
Blueprint & roadmap
SIEM
Logs & correlatie
Detectie
Rules & MITRE
SOC
Triage & response
Hunting
Hypotheses & queries
VM
Risico & patching
EXPERTISE
Web applications, security operations, training, and interim support. Four areas with scoped services and clear deliverables.
SOC and SIEM, detection, threat hunting, vulnerability management, and security architecture. From baseline and blueprint to rules and process improvement.
Assessment of SIEM/SOC maturity, use cases, alerts, triage, and processes.
Architecture, baseline, use cases, dashboards, and handover.
Detection rules and proactive threat hunting for your SIEM.
Workflows, runbooks, KPIs, and management reporting.
Risk-based prioritisation of vulnerabilities across assets.
Pentest, external rating, and periodic reporting. Concrete findings and retest after you ship fixes.
External risk-rating assessment of your web application with clear grades and priorities.
Authorised hands-on testing of frontend, backend, APIs, and business logic.
Recurring external assessment with trends and remediation progress.
Focused retest of previously reported findings after fixes.
Guide juniors and starters in cybersecurity. Lessons, coaching, and mentoring aligned with your environment.
Lessons and mentoring for SOC, SIEM, InfoSec/GRC, and career paths
Temporary architect, engineer, analyst, or GRC specialist. Scoped assignments, no long-term contract.
Architect, detection engineer, analyst, VM, GRC, or guidance
OUR SPECIALISTS
We specialise in security operations, SIEM platforms, information security, and web application security. Our specialists hold enterprise certifications and work daily in regulated environments.
39
Certifications
45+
Security tools
9
Frameworks
Tier 1–3
SOC experience
noctulux-certs · registry
alleen certificeringen
Microsoft
6 certificeringen
Splunk
7 certificeringen
Elastic
8 certificeringen
CompTIA
4 certificeringen
ISC2
2 certificeringen
ISACA
2 certificeringen
GIAC
8 certificeringen
Offensive Security
1 certificering
PortSwigger
1 certificering
platforms & tooling · per categorie
SIEM & logging
Endpoint & XDR
Identity & cloud
Vulnerability & risk
Web & pentest
Email & awareness
IR, intel & network
Frameworks & compliance
Explore further
Three pages that explain what makes Noctulux different. Open the topic you want to read.
01·Privacy
Data handling per assignment. Clear agreements upfront. You own the outputs.
Open page02·Scope-first
Clear assignments with fixed outputs. Boundaries agreed before work starts.
Open page03·Ops discipline
Secure by design, transparent by default. Operational discipline for client data and findings.
Open pageLegal terms live under /legal. These pages explain our operating model.