ESTABLISH UPLINK

OPERATIONS

Who we are, how we work, and the full service catalogue

[ORIGIN STORY // SERVICE DOSSIER // FULL CLEARANCE]

COMMAND LOG // WHO WE ARE

// ORIGIN STORY — EYES ONLY

SUBJECT: MOHAMMED KHAN ROLE: FOUNDER & CEO

"Hello World! We are 313SEC—a cybersecurity house deeply rooted in Cardiff and wholeheartedly committed to our Welsh community.

Born and raised in Wales, I’ve always believed in the power of local talent. Growing up in one of the most diverse and close-knit areas of Wales, I encountered many different cultures and viewpoints from a young age. It was this exposure that inspired me to think of a different approach to cyber security, one that tries to get in the mind of an adaptable, agile, ever-changing adversary.

Every service we offer—whether it’s advanced threat detection, red teaming, or digital forensics—embodies the spirit of Welsh resilience. We don’t just secure networks; we stand side by side with our clients, forging genuine bonds that reflect the closeness of our own community.

Thank you for supporting a Welsh business built on the values of trust, integrity, and community spirit.
Diolch."

OBJECTIVE: SIMPLIFY & INNOVATE

313SEC was founded as a truly independent boutique company of highly-skilled and certified cybersecurity experts in Cardiff. We believe that security doesn’t have to be complex to be effective.

Practical protection that fits your team and your budget. We monitor, detect and respond to threats, train your staff and help you meet standards like Cyber Essentials and ISO 27001. Our work aligns with the UK’s NCSC guidance, NIST CSF, and the MITRE ATT&CK framework for full transparency and consistency.

THE TACTICAL TRIAD

01 // RECON

OBSERVABILITY

Mapping all assets. Physical and Virtual. Scouring the dark-net for threats.

02 // DEFENCE

MONITORING

XDR solutions. Identifying known and emerging threats via behavioural analytics.

03 // INTEL

ACTIVE MEASURES

Actionable, strategic intelligence gathered from private and trusted sources.

OPERATIONAL CAPABILITIES

// FULL-SPECTRUM MANAGED SECURITY SERVICES

CONCIERGE SECURITY

[LEVEL 1]

Your Concierge Security Team provides tailored advice and guidance, aligning security with your business objectives. We act as your trusted advisors.

  • Governance, Risk, and Compliance (GRC)
  • Cyber Maturity and Risk Assessment
  • Cyber Efficacy Assessment (ROI)
  • Cyber in Mergers and Acquisitions

ACTIVE DEFENCE (MDR)

[LEVEL 2]

Develop greater insight into your security posture with broad visibility, 24x7 monitoring, and advanced threat detection. Catch advanced threats missed by traditional approaches.

  • Digital Forensics and Incident Response (DFIR)
  • SOC Build and SOC Maturity
  • Cyber Security Training & Awareness
  • Vulnerability Management

MANAGED SECURITY

[LEVEL 3]

Comprehensive, end-to-end protection. From reliable backup solutions and secure password management to creating fortified work environments.

  • End-to-end Protection
  • Secure Password Management
  • Backup Solutions

ADVERSARY SIMULATION

[LEVEL 4 - OFFENSIVE]

Face Real-world Threats in a Controlled Simulated Environment. The only way to know your weakness is with a bad actor’s view. We utilize state-actor tactics.

  • Penetration Testing
  • Red Teaming
  • Adversary Emulation
  • Purple Teaming

SERVICE CATALOGUE

// FULL OPERATIONAL CAPABILITIES MANIFEST

SVC-001

CYBERSECURITY HEALTH CHECK

A clear picture of your current posture with practical fixes aligned with NCSC best practice.

  • Review of systems and data handling
  • Identify high-risk gaps
  • Action plan with priorities
  • Optional follow-up audit
SVC-002

MANAGED DETECTION & RESPONSE

24/7 visibility powered by our DE&TH stack, designed in line with MITRE ATT&CK mapping and NIST incident response principles.

  • Endpoint, network & cloud monitoring
  • Threat detection & triage
  • Automated containment playbooks
  • Monthly reports & summaries
SVC-003

THREAT HUNTING & DETECTION ENGINEERING

Proactive hunts and custom rules aligned with MITRE ATT&CK and NIST detection standards.

  • Behavioural & intel-led hunts
  • Custom rules (Sigma, YARA, XDR)
  • MITRE ATT&CK coverage mapping
  • Adversary emulation & validation
SVC-004

INCIDENT RESPONSE & FORENSICS

Fast containment and structured investigation aligned with NIST IR lifecycle.

  • Rapid triage & isolation
  • Root cause & evidence collection
  • Malware & persistence analysis
  • Post-incident report & actions
SVC-005

vCISO

Strategic leadership following NCSC and NIST CSF frameworks.

  • Roadmap & governance
  • Cyber Essentials & ISO 27001 support
  • Risk & supply chain reviews
  • Board reporting & guidance
SVC-006

CYBER AWARENESS & PHISHING SIMULATION

Train staff to spot real-world threats following NCSC user awareness principles.

  • Sector-specific training
  • Realistic phishing tests
  • Awareness assets & briefings
  • Executive & IT sessions
SVC-007

VULNERABILITY & PATCH MONITORING

Stay ahead of exploits and misconfigurations, following NCSC vulnerability management guidelines.

  • External attack surface checks
  • Internal scans & prioritisation
  • Patch tracking & risk scoring
  • Automated alerts & reports
SVC-008

THREAT INTELLIGENCE & DARK WEB MONITORING

See threats that target your sector and brand using intelligence aligned with MITRE ATT&CK and UK NCSC advisories.

  • Credential & domain monitoring
  • Sector threat briefs
  • IOC feeds to live detections
  • OpenCTI & MISP integration
SVC-009

CTI — SECTOR NEWSLETTERS

Tailored intelligence briefings for your industry with current threat trends and practical actions.

  • Monthly sector-specific newsletter
  • Active campaigns, TTPs and top risks
  • Actionable IOCs and mitigations
  • Executive summary with optional briefing call
SVC-010

EMAIL & PHISHING PROTECTION

Secure your mail with modern controls following NCSC SPF/DKIM/DMARC guidance.

  • SPF, DKIM & DMARC setup
  • Phishing detection & sandboxing
  • Secure mail gateway setup
  • Suspicious email analysis
SVC-011

COMPLIANCE & CERTIFICATION SUPPORT

Simplify recognised standards using NCSC and NIST CSF frameworks.

  • Cyber Essentials & CE Plus readiness
  • ISO 27001 implementation guidance
  • Policy templates & evidence packs
  • Audit preparation & validation
SVC-012

CLOUD SECURITY MONITORING

Visibility & control for M365, Azure, Google & AWS.

  • Configuration & access monitoring
  • Anomalous sign-in detection
  • SIEM & XDR integration
  • Monthly remediation advice
SVC-013

PENTESTING & RED TEAMING

Delivered directly by 313SEC’s internal team of specialists.

  • Network, web & app testing
  • Red team with purple-team collaboration
  • Clear findings & remediation
  • Optional re-test
SVC-014

CONTINUOUS CYBER HYGIENE PROGRAMME

A managed bundle for year-round assurance.

  • Quarterly health checks
  • Staff training & phishing tests
  • Patch & vulnerability monitoring
  • Threat intel & monthly updates

OPTIONAL ADD-ONS

  • Secure offsite log retention & forensic archive
  • Cyber insurance support documentation
  • Secure cloud backup & recovery setup
  • NOC & SOC integration with existing MSPs

Need something not listed? We are vendor-agnostic and can integrate with your stack. Ask about custom bundles and sector packs for dental, education and legal.

REQUEST CUSTOM BUNDLE
VIEW PRICING REQUEST QUOTE