Security & Trust

Security isn't a feature here — it's the whole point

Q: What endpoint and network security do you use?

Bitdefender for endpoint detection and response (EDR), Cloudflare for DNS, WAF and DDoS protection, plus MFA, hardened Microsoft 365 identity and tested backups.

Q: Are you SOC 2 or ISO 27001 certified?

We build and operate environments to SOC 2 and ISO 27001 standards and keep evidence audit-ready. Formal certification is issued by a licensed auditor or accredited registrar; we run readiness and support the audit.

We're a managed IT and security provider, so we hold ourselves to the standard we sell. This is the stack we run, the partnerships behind it, and the frameworks we build every client environment to.

Book a free security assessment See our stack

Partnerships & stack

Backed by enterprise platforms

As a Microsoft Cloud Solution Provider (CSP) Partner, we license and manage Microsoft 365 & Azure directly — and secure every environment with the same tools we trust ourselves.

Microsoft Cloud Solution Provider (CSP)Microsoft 365 & AzureBitdefender EDRCloudflare

What we run

The security stack behind every client

Layered defense — endpoint, identity, network, data and monitoring — managed and kept current by us.

🛡️

Endpoint EDR

Bitdefender endpoint detection & response with automated containment on every managed device.

🌐

Network & web

Cloudflare for DNS, WAF and DDoS protection — fast, resilient and secure by default.

🔑

Identity & access

MFA everywhere, least-privilege access and Microsoft Entra ID hardening across Microsoft 365.

💾

Backup & disaster recovery

Tested, encrypted backups with documented recovery — so an incident is a hiccup, not a crisis.

📡

24/7 monitoring

Round-the-clock monitoring and alerting, with rapid response to anything that looks wrong.

🔄

Patch management

Automated patching of OS and apps so known vulnerabilities get closed before they're exploited.

Built to standard

The frameworks we build to

We design and operate client environments to meet these standards, and keep the evidence audit-ready. Certification of your business is issued by the relevant accredited body or auditor — we get you ready and support you through it.

HIPAAPCI-DSSSOC 2 readinessISO 27001 readinessUK GDPRNHS DSPTCyber Essentials

Need a specific certification? See our compliance hub for HIPAA, PCI and SOC 2 readiness programs.

How we operate

Security you can verify, not just trust

📊

Continuous evidence

Logging, monitoring and ticketing capture proof that controls actually operate — not just on paper.

🧭

Least privilege

Access is scoped to need, with scheduled joiner/mover/leaver reviews so old accounts don't linger.

🤝

Audit support

When your auditor or a client questionnaire arrives, we hand over organized, current evidence.

FAQ

Security questions, answered

Are you a Microsoft partner?

Yes — AiVigil operates as a Microsoft Cloud Solution Provider (CSP) partner, so we license, provision and manage Microsoft 365 and Azure for clients directly.

What endpoint and network security do you use?

We deploy Bitdefender for endpoint detection & response (EDR) and use Cloudflare for DNS, web application firewall and DDoS protection, alongside MFA, hardened Microsoft 365 identity, and tested backups.

Are you SOC 2 or ISO 27001 certified?

We build and operate client environments to SOC 2 and ISO 27001 standards and keep evidence audit-ready. Formal certification of a business is issued by a licensed auditor or accredited registrar; we run the readiness work and support you through the audit.

Can you help us pass a client security questionnaire?

Yes. Keeping controls running and evidence current is core to what we do, so you can answer security questionnaires quickly and confidently.

See where your security stands today

Book a free IT & security risk assessment — a clear snapshot of your gaps, risks and quick wins. No obligation.

Book your free assessment