HEIMDALL
Outsourced Security Department

HEIMDALL can replace an internal security department

If a company does not have its own security department, the function can be outsourced. HEIMDALL covers counterparty checks, candidate screening, supplier review, beneficial ownership, transactions and information security risks without hiring a separate team.

Discuss security scope Pricing and formatsBusiness support
What we replace
counterparty checks
candidate screening
supplier control
information security
risk monitoring
confidential owner tasks
When it is needed

An external security perimeter instead of chaotic checks

No internal security department

Deals, hiring, advance payments and partnerships are approved without an independent risk review.

Internal team is overloaded

Security staff handles urgent incidents and cannot deeply review the external business perimeter.

Confidentiality is critical

Some tasks should not be routed through employees, vendors or people inside a conflict chain.

The company operates internationally

Suppliers, intermediaries, beneficial owners and payment routes are spread across jurisdictions.

Responsibility area

What HEIMDALL takes over

Counterparties and suppliers

litigation, ownership, related companies, shell indicators, sanctions and reputation signals

Sensitive-role candidates

procurement, finance, sales, data access, conflict of interest and reputation risks

Beneficial owners and links

actual control, nominee ownership, affiliations and hidden conflicts

Deals and partnerships

due diligence before acquisitions, investments, joint projects or major contracts

Information security

external risk perimeter, leaks, digital footprint, access, vendors, domains and compromise indicators

Continuous monitoring

repeat checks, alerts, changes in litigation, sanctions, media and reputation signals

Information Security

A large section for data, access and digital-perimeter protection

For an owner, risk often starts not in court or a registry, but in access rights, vendors, communications, domains, leaks and people who see commercial information. That is why information security is built into HEIMDALL support.

External digital perimeter diagnostics

We look at the company from the outside: domains, websites, subdomains, open services, public traces, technical issues and reputational signals.

Leaks and compromise signals

We check public signs of leaked corporate emails, phones, domains, documents, bank details and traces that can be used for pressure, phishing or fraud.

Vendors and access rights

We assess IT vendors, integrators, marketing teams, accountants, remote contractors and other people with access to data, money, CRM, website, ads or correspondence.

Phishing and brand imitation

We look for lookalike domains, similar names, suspicious contacts, payment-detail substitution schemes and emails sent as if from executives.

Trade secrets and internal risks

We help reduce the risk of leaks involving commercial proposals, customer bases, deal terms, purchase prices, counterparty data and internal correspondence.

Incident review

We analyze suspicious employee activity, leaks, conflicts of interest, payment-detail substitution, pressure from suppliers or unusual digital activity around the company.

How InfoSec work is done

The client gets a clear perimeter, not technical noise

We describe information security in owner-level language: where the company is exposed, through whom a leak can happen, which access rights are dangerous, where payment details can be substituted and what must be fixed first.

1. Asset map

We identify domains, websites, public channels, key emails, external vendors, services, entry points and people with sensitive access.

2. External-signal review

We collect open-source traces: leaks, lookalike domains, negative mentions, public documents, technical issues, reputation and fraud signals.

3. Risk prioritization

We split findings into critical, material and observed items. The client receives a sequence of actions, not a list of scary technical terms.

4. Remediation plan

We prepare a management plan: what to disable, restrict, review, regulate and monitor continuously.

What the client receives

Concrete InfoSec deliverables

Digital-perimeter map: domains, public assets, external services, vendors and sensitive access points
Information-security risk register with priority: critical, important, monitor
Review of leaks, lookalike domains, public traces and phishing signals
Access recommendations: what to close, restrict and separate by role
Management rules for access approvals, vendors, payments and data transfer
Executive report without technical fog
Responsibility boundaries

We clearly show what is included and what is not

We do not sell the illusion of absolute security. HEIMDALL identifies risks, gives a plan and helps build a manageable security perimeter.
We do not replace a full-time system administrator or 24/7 SOC when real-time infrastructure monitoring is required.
We do not perform malicious actions or attack third-party systems. Work is based on legal checks, open sources, client documents and agreed testing.
When needed, technical specialists can be engaged for a separate task: website audit, email, domains, cloud access and workflow hardening.
Pricing

Separate pricing for InfoSec and full outsourced security support

Prices are starting points. Final scope depends on the number of objects, employees and vendors, international exposure, urgency and depth of analysis.

Information Security

one-off diagnostics

InfoSec Start

from 75,000 RUB

for small businesses and owners who need to understand current exposure

external digital-perimeter map
domain, website, public-trace and leak review
phishing and brand-imitation signals
short plan for critical-risk closure
expanded one-off review

InfoSec Perimeter

from 150,000 RUB

for companies with vendors, CRM, ads, remote staff and sensitive data

everything in InfoSec Start
vendor and access-right review
trade-secret risk assessment
access and data-transfer rules
executive report with priorities
ongoing work

InfoSec Support

from 220,000 RUB / month

for businesses with recurring deals, employees, vendors and leak exposure

monthly external-signal monitoring
new vendor checks for sensitive access
suspicious-incident review
risk-register updates
priority communication on InfoSec incidents

Full outsourced security department

Security Perimeter

from 180,000 RUB / month

for companies without an internal security department

up to 10 checks per month
counterparties, candidates and suppliers
single risk register
short executive conclusions
red-flag consultations

External Security Department

from 350,000 RUB / month

for companies with recurring procurement, hiring, advances and international counterparties

up to 25 checks per month
expanded reviews and connections
InfoSec Perimeter included
key-object monitoring
owner-priority tasks

Corporate Risk Office

from 650,000 RUB / month

for owners, groups of companies, complex deals and sensitive conflicts

individual task capacity
complex checks and investigations
crisis situations and incidents
closed communication perimeter
monthly executive report
One-off counterparty, candidate, supplier or beneficial-owner checks can be ordered separately. The pricing above is for information security and the ongoing outsourced security perimeter.
Work formats

From one-off tasks to an external security department

Starter security perimeter

for companies without a security department

on-demand reviews, basic rules and initial risk filtering

Operational support

for recurring deals, procurement and hiring

monthly review capacity, priority tasks and a single risk history

External security department

for owners and executives

confidential perimeter, complex reviews, information security and crisis tasks

Request

Request business support

Fill in a short form. The request will be sent to Telegram and saved.