Security services

\ Wholeness, clarity, result

Why choose Aixia?

Rapid results: We focus on actions that reduce the most risk per invested krona.
Holistic approach: Testing, technology, and governance – all from a single partner.
Clear deliverables: Concrete lists, risk classifications, and timed action plans.

Understand how attackers can break in – and how to stop them. We test:

Web & API (OWASP): authentication, session management, logic flaws.
Mobile apps: storage, transport protection, jailbreak/root protection.
Infrastructure & AD/Entra ID: segmentation, privilege escalation, Kerberoasting.
Cloud (M365/Azure, AWS, GCP): IAM, misconfigurations, data exposure.
Wi-Fi/Net: rogue AP, certificates, encryption.
Red Team/Assumed Breach and Social engineering (phishing/vishing) if needed.

Deliverables: CVSS risk-rated findings, reproduction steps, business impact, prioritized action list, and retest.

Quick overview and a prioritized plan.

Risk & vulnerability analysis (RVA) and maturity analysis (CIS, NIST CSF, ISO 27001).
Attack surface and asset review: internal/external systems, shadow IT, exposed services.
Hardening and configuration review: AD/Entra ID, clients, firewall, EDR/XDR.
Cloud Security Review: identities, permissions, logging, backup/restore.
Third-party audit: suppliers, contracts, continuity.

Deliverables: executive summary, detailed recommendations, and a time-bound action plan.

Incident Readiness & Tabletop Exercises: playbooks and training sessions.
Incident Response Retainer: pre-agreed emergency support when minutes matter.
Security Architecture/Zero Trust: practical segmentation and least privilege.
IAM: MFA, conditional access, PIM, lifecycle (joiner-mover-leaver).
Vulnerability Management: scanning, prioritization, patching, KPIs.
Lightweight Security Monitoring: alert chains, basic detection and actions.
Training & Awareness: targeted, measurable training.

From gap analysis to ongoing compliance, including system support.

Gap analysis & roadmap for NIS2 and/or ISO/IEC 27001 (optionally 27701 for privacy).
ISMS implementation: policies, processes, roles, KPI/OKR.
Risk & control frameworks: risk registers, control libraries, internal controls.
Supervision & reporting: incident reports, supplier requirements, BCP/DRP.
Data protection (GDPR) & DPIA: data classification, access control, traceability.
Audit & certification support: internal audit, management reviews, action follow-up.

We offer and implement platforms that simplify everyday work:

Result: clear traceability, less manual work and faster compliance.

\ Contact us

Fill in the form or get in touch directly below.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics		This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional		The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary		This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others		This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance		This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy		The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.