IT security decision platform
Find IT security providers - without marketing, without wasted time
Curated providers + a structured request that hands off scope, goals, and constraints cleanly. You speak with 1-3 matching specialists instead of ten generalists.
No pay-to-play listings
Manual review of every request
Forwarded to max. 3 providers
Selection criteria public
Suitable for: audit, incident, go-live, compliance, time pressure.
Not suitable: price comparison, “just a quick chat”, mass tenders.
Curated
Manually reviewed provider profiles - assessed for specialization, technical depth, and practical experience, not ad budget.
Focus: clear services, clean scopes, traceable deliverables.
Neutral
No vendor marketing, no pay-to-play listings. Matching is based on need and fit - not advertising.
Neutral in selection - concrete in structure.
Structured
One request instead of many intro calls: technically clear, complete, and framed so providers can issue a reliable offer immediately.
Result: faster responses, fewer misunderstandings.
How it works
The process is intentionally simple - but with clear rules so you do not lose time on generalists or unclear scopes.
01
Describe your need
Briefly outline your situation (e.g. pentest, incident response, compliance) and the key constraints.
02
Matching providers
We review your request and forward it to 1-3 specialized providers
- no mass distribution, no generalists.
We focus on specialization, scope fit, and realistic delivery capacity.
03
Direct conversation
Providers reach out - you decide. No subscription, no lock-in, no platform fee for you.
Service areas
Eight core areas that often decide outcomes in practice: risk, liability, downtime, and reputation.
Penetration testing
External security assessment of applications and infrastructure.
Guide: When do I need a penetration test?
Incident response
Support for security incidents including containment, forensics, and recovery.
Guide: When is incident response needed?
ISO 27001 consulting
Preparation, implementation, and audit support for ISMS.
NIS2 consulting
Gap analysis and implementation support for NIS2 requirements.
Managed Detection & Response
Continuous detection and response (managed SOC).
Vulnerability management
Continuous discovery, prioritization, and remediation of vulnerabilities.
Cloud security
Assessments and reviews for AWS, Azure, and Kubernetes.
Security awareness
Training and phishing simulations to reduce risk.
Common questions
For companies, the request has no platform fee. You decide directly with the provider afterwards.
Typically 1-3 providers, matched to specialization and delivery capacity. No mass distribution.
We provide orientation and structured preselection. Delivery is done by the respective providers.
Capacity varies by scope and workload, but we deliberately limit to 1-3 suitable providers so you get fast, qualified responses instead of unclear intro calls.
Ready to clarify your need?
Briefly describe your situation. We connect you with suitable IT security specialists - with clear specialization and realistic deliverables.
For providers: If you want to be listed as a provider, you can find the process and criteria here.
Note: We do not provide legal advice. In acute incidents, prioritize evidence preservation and coordinated measures. We only store the data required for matching.