Sentivel Start a conversation
Home About Services Contact Start a conversation
Services

One team, from the first map to the worst day.

Four practices that work together. The people who design your defense are the same ones who run it and answer when an alert fires — no handoffs, no reseller layer.

Practice 01

Security operations

Continuous monitoring of your environment, run by analysts in São Paulo rather than an offshore queue. We tune detection to your actual systems, cut the noise that buries real alerts, and escalate only when there is something worth acting on — with the context your team needs to act fast. Coverage is around the clock, every day of the year.

Practice 02

Incident response

When an intrusion is confirmed, we contain it, trace how far it reached, and bring operations back. Then comes the part most teams skip: a clear written account of what happened, why it was possible, and the specific changes that close the gap. We also take on active incidents for organizations that do not already work with us — if you are dealing with something now, reach out.

Practice 03

Offensive testing

Controlled adversary simulation against your applications, networks, and cloud environments. We approach your systems the way a capable attacker would, find the path that actually leads somewhere, and document each finding with the steps to close it — ranked by real impact, not by scanner severity. Engagements are scoped and authorized in writing before any work begins.

Practice 04

Security architecture

Identity, network segmentation, and resilience designed into your platform from the start, or retrofitted into one already in production. The goal is simple: when a mistake happens — and it will — it stays small. We work alongside your engineers, leave clear documentation, and make sure the design holds up after we step back.

Abstract blue network topology representing segmented, monitored infrastructure

Architecture review · mapping how an intrusion would, and would not, spread

Tools surface thousands of alerts. The work is deciding which one matters at three in the morning.

How an engagement runs

From first conversation to standing defense.

Step 01

Understand

We map your environment, your critical systems, and the realistic paths an attacker would take. This is where the uncomfortable truths surface — and where priorities come from.

Step 02

Agree

We set scope, priorities, and a fixed monthly arrangement together. No surprise invoices, no padding the work with tools you do not need.

Step 03

Stand up

Monitoring goes live, the response plan is written, and your team rehearses it with us. Visible work usually begins within the first two weeks.

Step 04

Hold the line

We run continuous operations, report in plain language, and revisit the architecture as your systems change. The defense improves with every incident it absorbs.

Working together

Engagements built around your scale.

We do not publish a price list, because no two environments carry the same risk. After the first conversation we propose a fixed monthly arrangement matched to what you actually need to defend.

Watch

For teams that mainly need eyes on their environment.

Continuous monitoring, tuned detection, and escalation with context. A defined response retainer for when something fires.

Defend

Our most common engagement.

Everything in Watch, plus full incident response, periodic offensive testing, and ongoing architecture review as your platform evolves.

Embed

For operators where security is core to the business.

A dedicated arrangement with deeper involvement in your engineering decisions, regular adversary simulation, and board-level reporting.

Request a proposal for your environment

Questions about the work

Before you scope an engagement.

Do we have to take all four practices?

No. Many clients begin with monitoring alone and add testing or architecture work as trust builds. We will tell you where your risk is concentrated and let you decide where to start.

How quickly can offensive testing be scheduled?

Most engagements are scoped and authorized within two weeks. Testing only proceeds once authorization is signed and the boundaries are clear — we never touch a system we are not explicitly cleared to test.

Will you replace the tools we already pay for?

Rarely. We integrate with the platforms you run and make better use of them. Replacing a working tool is a last resort, not a default recommendation.

How do you report findings to non-technical leadership?

In plain language tied to business impact. A board does not need packet captures; it needs to know what could stop the business, how likely it is, and what we are doing about it. We write for that reader.

Do you operate within Brazilian regulation?

Yes. Our work is built around the LGPD (Lei 13.709/2018) and, for clients with operations abroad, the GDPR. Sentivel is registered in São Paulo under CNPJ 41.829.305/0001-72.

Begin

Tell us what you are defending.

A first conversation gives you an honest read on where you stand — and a proposal matched to your environment, not a template.

Request a quote About the studio