Service in detailSECIn Bordeaux & Nouvelle-Aquitaine

Securing via cybersecurity audit & Hardening

Anti-hacking shield and tamper-proof backups.

Request a quoteSee all servicesOverview & context
ContextFor whom, why

Security isn't caught up by a patch after an attack. It's built in from the choice of tools and configurations. The goal: that your data, your backups and the access to your systems hold up against common attacks — including ransomware.

For whom?

SMBs handling sensitive data (customer, financial, medical), or whose IT downtime for a few days would be critical. Also for those who want to reach compliance or prepare for an external audit.

What's includedWhat the engagement covers
  1. 01 /Security audit & penetration testing
  2. 02 /App & infra hardening
  3. 03 /Recognized security best practices
  4. 04 /Ransomware-protected backups
Tech stackTools I use
  • OWASPStandards & ZAP
  • PortSwiggerBurp Suite — pentests
  • WiresharkNetwork analysis
  • pfSenseSoftware firewall
  • CrowdSecRuntime protection
  • WireGuardModern VPN
  • VaultSecret management
  • Let's EncryptTLS encryption
  • LinuxServer hardening
  • resticImmutable backups
ApproachHow I work
  1. 01

    Comprehensive audit of entry points, configurations and existing backups

  2. 02

    Real penetration tests — not just theoretical analysis

  3. 03

    Application and server hardening following recognized standards

  4. 04

    Offline or immutable backups, tested regularly

Frequently asked questionsWhat I get asked the most
  • How much does a security audit cost for an SMB?
    A complete audit for an SMB starts at €2,500: application and infrastructure review, detailed deliverable with prioritized and quantified recommendations. Pricing reflects the responsibility involved — a security audit commits me on the conclusions. In-depth penetration tests or regulatory compliance audits (GDPR, ISO) are quoted case by case.
  • My site is small, am I really targeted by hackers?
    Yes. The vast majority of attacks are automated and scan the entire web without specific targeting. A WordPress site with an outdated plugin will be detected within hours, regardless of its size or traffic. Ransomware specifically targets SMBs because they're less prepared and they pay.
  • What do I do if I'm under attack right now?
    Emergency intervention possible within 24h for critical cases. Standard procedure: isolate the attacked system, identify the entry vector, restore from a clean backup, harden before going live again. Never pay the ransom — it funds future attacks and doesn't guarantee data recovery.
  • Is my company GDPR-compliant?
    The audit includes a basic GDPR review: data storage, retention periods, cookie policies, access rights. For full compliance (processing registry, DPIA, processor contracts), I work with a partner DPO if needed — no pretense of covering the full legal scope alone.
  • What does a penetration test actually involve?
    A pentest means trying to penetrate your system the way a real attacker would. I test public entry points (web, APIs, remote access), try to escalate privileges once inside, and document every flaw found with its severity and recommended fix. Everything within a precise contractual framework.
SEC

A securing via cybersecurity audit & hardening project in Bordeaux?

Request a detailed quote — 24h response, no commitment.

Request a quote
05 /Contact

Let's talk aboutyour project.

Describe your need in a few lines. I'll get back to you within 24 hours with an initial analysis and a proposal.

  • 24h response
  • NDA on request
Bordeaux & Nouvelle-Aquitaine