Security · EDR + Email Security · Canadian-hosted

Endpoint and email,
defended on one platform.

Endpoint detection & response and a secure email gateway, converged on a single Canadian-hosted platform — built and operated in-house, not resold. A threat caught in email and the same threat seen on a device are one story, one console, one human accountable.

Monitoring 24/7 23,000+ indicators · 6h refresh Data stays in Canada

 soc — detection → response, as it actually runs
04:00:03 nightly: fleet software matched against CVE database — report queued
08:02:11 intel refresh — 23,412 indicators loaded (abuse.ch · openphish) · last 30 days re-scanned
11:40:52 mail-gw: "Invoice_scan.html" from spoofed sender → quarantined (SPF fail + lure pattern)
14:07:36 WIN-ACCT-03: powershell.exe -enc … [T1059.001] → rule match: encoded command
14:07:37 → process blocked · device isolated (approval-gated) · you and I both get the alert
status: 0 open incidents · fleet health A

Two layers, one console

Detection on the endpoint, filtering in front of the mailbox — sharing the same threat intelligence and the same audit log.

EDR

Endpoint detection & response

Built on the open SigmaHQ detection standard — the same ruleset the industry's SOCs use — plus live threat intelligence and on-demand antivirus.

  • 1,200+ detection rules across execution, persistence, defence evasion, and network behaviour.
  • Real-time blocking on Linux, detection and response across Windows and macOS.
  • Response with a human in the loop — isolate a device or kill a process behind an approval gate, every action in a tamper-evident log.
  • Nightly CVE matching — installed software checked against the vulnerability database; stale patches page me, not you.
Email security

Secure email gateway

Same architecture as Sophos, Proofpoint, and Mimecast: it filters mail in transit in front of Microsoft 365 or Google — it never hosts your mailbox.

  • Inbound filtering — attachment and archive inspection, phishing and impersonation detection, real SPF/DKIM/DMARC verification.
  • Click-time link protection — URLs re-checked when your staff click, not just at delivery.
  • Quarantine with one-click release — per-recipient, with a daily digest.
  • Outbound DLP — a stop on card numbers, SINs, and keys leaving your org.

shared threat intelligence · one audit log · one human accountable

Under the hood

Run by the person who wrote it

The agent, the console, and the gateway are code I own end-to-end. When your environment needs a custom detection or an integration, I write it — nobody waits on a vendor roadmap. And everything runs on my own fleet first, every night, before it runs on yours.

  • Remote support & monitoring included — one-click remote desktop, live metrics, offline detection, patching, and verified backups on the same agent.
  • Alerts you can read — one fleet-health score, letter grades per device, a short needs-attention list. An alert from me means something real happened.
  • Canadian data residency — telemetry and quarantined mail stay on hardware in Canada. A real answer for PIPEDA and sovereignty requirements.
Intel
~23,000 indicators, refreshed every 6 hours; last 30 days of fleet activity re-scanned on every update
Vulns
Nightly CVE matching across installed software, patch-aging alerts
Response
Isolate / kill behind approval gates; tamper-evident audit log
Console
Live client dashboard, multi-factor login, full history

Included with a managed retainer

Formerly sold separately — now simply part of being a client, hosted on the same hardened Canadian infrastructure.

Included

Private encrypted cloud storage

A private Dropbox/OneDrive alternative — desktop, mobile, and web sync with two-factor login. No ad targeting, no data mining.
Existing users: sign in.

Included

Zero-knowledge password manager

A Bitwarden-compatible team vault — end-to-end encrypted, browser and mobile apps, passkeys, secure sharing. Readable by no one but you.
Existing users: sign in.

Plans, stated publicly

Every engagement starts with a free audit so the scope is real. Small businesses shouldn't need a sales call to learn what security costs.

Essentials

Secured & maintained

CA$22/ user / month, from

Real endpoint security and the basics handled well — the right start for most small teams.

  • EDR on every device
  • 24/7 monitoring & smart alerting
  • Patching + verified backups
  • Remote support
  • Live client dashboard
Get a quote →
Managed Security

Endpoint + email defended

CA$28/ user / month, from

The full converged stack, with your mail flow defended too.

  • Everything in Essentials
  • Secure email gateway + quarantine
  • Approval-gated isolate / kill
  • Monthly security report
Get a quote →
Sovereign

Compliance-grade & bespoke

Custom· scoped to fit

For firms with privacy, sovereignty, or custom-integration needs.

  • Everything in Managed Security
  • Data-residency assurance, in writing
  • Custom detections & integrations
  • Executive + compliance reporting
  • Direct line to the engineer
Talk to me →

"From" pricing reflects a typical small-team setup; the exact number depends on device and mailbox count, and you'll have it in writing after the free audit — before you commit to anything.

Already a client?

Live host health, detections, email quarantine, and full history — behind multi-factor login.

Book a security audit

Tell me a bit about your environment — how many devices and mailboxes, and what you're running today — and I'll come back within a business day with what it would take to defend it.

  • The one workflow AI could take off your team's plate first
  • Where your endpoints and mail flow are actually exposed
  • One quick win you can act on right away

Prefer email? info@sd-techsolutions.com · Reply within one business day.

No spam, no sales funnel — it comes straight to me.

Book a free audit →