Service in detail: SEC. In Bordeaux & Nouvelle-Aquitaine

Hardening & backup

Reduce the attack surface, harden access, guarantee tested and restorable backups.

Context: For whom, why

The service

Security can't be bolted on with a patch after an attack. It's built in from the choice of tools and configurations. The goal is for your data, your backups and the access to your systems to hold up against common attacks, including ransomware.

For whom?

SMBs handling sensitive data (customer, financial, medical), or for which a few days of IT downtime would be critical. Also for those who want to reach compliance or prepare for an external audit.

What's included: What the engagement covers
  1. Security audit & configuration review
  2. App & infra hardening
  3. Recognized security best practices
  4. Ransomware-protected backups
Tech stack: Tools I use
  • OWASP
    Standards & ZAP
  • PortSwigger
    Burp Suite: web analysis
  • Wireshark
    Network analysis
  • pfSense
    Software firewall
  • CrowdSec
    Runtime protection
  • WireGuard
    Modern VPN
  • Vault
    Secret management
  • Let's Encrypt
    TLS encryption
  • Linux
    Server hardening
  • restic
    Immutable backups
Approach: How I work
  1. Comprehensive audit of entry points, configurations and existing backups
  2. Concrete checks of access and configurations, not just theoretical analysis
  3. Application and server hardening following recognized standards
  4. Offline or immutable backups, tested regularly

Frequently asked questions: What I get asked the most
  • How much does a security audit cost for an SMB?
    A complete audit for an SMB starts at €2,500: application and infrastructure review, detailed deliverable with prioritized and quantified recommendations. Pricing reflects the responsibility involved: a security audit makes me accountable for its conclusions. Regulatory compliance audits (GDPR, ISO) are quoted case by case.
  • My site is small, am I really targeted by hackers?
    Yes. The vast majority of attacks are automated and scan the entire web without specific targeting. A WordPress site with an outdated plugin will be detected within hours, regardless of its size or traffic. Ransomware specifically targets SMBs because they're less prepared and they pay.
  • What do I do if I'm under attack right now?
    Emergency intervention is possible within 24h for critical cases. Standard procedure: isolate the attacked system, identify the entry vector, restore from a clean backup, harden before going live again. Never pay the ransom: it funds future attacks and doesn't guarantee data recovery.
  • Is my company GDPR-compliant?
    The audit includes a basic GDPR review: data storage, retention periods, cookie policies, access rights. For full compliance (processing registry, DPIA, processor contracts), I work with a partner DPO if needed; I don't claim to cover the full legal scope alone.
  • Concretely, how do you harden my systems?
    I review the configuration of your servers and applications, cut access rights down to the strict minimum, enable strong authentication on sensitive access, and put a tracked update process in place. On the data side, I make sure your backups are offline or immutable, and above all tested: a backup you've never restored is just a hypothesis.

A hardening & backup project in Bordeaux?

Request a detailed quote: reply within 24h, delivered within 48h, no commitment.

Contact

Let's talk about your project.

Describe your need in a few lines. Reply within 24h to plan next steps, detailed quote within 48h.

  • 24h response
  • NDA on request

