About Cyber-Defence Ltd

We built SOC in a Box because
small businesses deserved better.

We are a CREST-certified security operations company based in the UK. Our team protects MoD supply chain contractors, regulated financial firms, and healthcare providers — and in 2025 we packaged eight years of that experience into a single managed service that any small business can afford.

years

AI-augmented detection in production

CREST

Certified analysts — not subcontracted

MoD

Supply chain approved

24/7

UK-based SOC — no offshore handover

The founding story

We got tired of arriving
after the breach.

Our incident response team spent years being called in when it was already too late. A GP surgery in Cambridgeshire. A law firm in the South East. A multi-academy trust in the Midlands. Over and over, the same conversation: the breach had been undetected for weeks, and the business was now facing regulatory fines, client losses, and recovery costs they couldn't absorb.

The question we kept asking was: why didn't you have monitoring in place? The answer was always the same — they had been told they were too small, too cheap, or too much trouble for a proper Security Operations Centre.

In 2025, we decided to solve that. SOC in a Box takes the same SOC365 platform we use to protect enterprise clients and packages it for businesses with 10 to 100 endpoints — delivered in five days, for less than most pay for their piecemeal security tools.

“

The cybersecurity industry has spent years telling SMBs they don’t qualify for a proper SOC. We decided to prove that wrong.

Cyber Defence Team

Company history

Eight years of building
before we launched.

SOC in a Box is new. The technology, the team, and the detection engine behind it are not. Every capability in the service is proven in production at enterprise scale before it was offered to SMBs.

2009

Hedgehog Security Ltd founded

Founded to provide enterprise-grade cyber security services to small and medium sized businesses.

2012

CREST certification achieved

Full CREST certification for the analyst team and SOC operations — the benchmark for professional competence in cyber security.

2018

EmilyAI first deployed

Our AI-augmented triage engine goes live in the enterprise SOC — pre-processing alerts, eliminating noise, and enriching context for human analysts.

2023

DecoyPulse launched

Our proprietary deception technology platform — delivering zero-false-positive threat detection through network-deployed honeypots and credential lures.

2024

Cyber-Defence Ltd founded

Founded to provide enterprise-grade SOC services to regulated sectors in the UK — financial services, healthcare, and government supply chains. Audit and Penetration Testing services remain under Hedgehog Security Ltd.

2024

MoD supply chain approval

SOC365 approved for use by Ministry of Defence supply chain contractors — the most rigorous security validation available in the UK market.

2025

SOC in a Box launches

Eight years of production-hardened technology, packaged for SMBs. Same engine, same analysts, same results — for a fraction of enterprise pricing.

Certifications & accreditations

Not just claimed.
Independently verified.

CREST Certified

All SOC analysts hold CREST certification — the independently assessed professional standard for cyber security practitioners in the UK and globally.

MoD Supply Chain Approved

SOC365 is approved for use by Ministry of Defence supply chain contractors. The most thorough vetting process in the UK security market.

Cyber Essentials Certification Body

Authorised to consult on and support Cyber Essentials and Cyber Essentials Plus certification — included in every SOC in a Box subscription.

ICO-Registered Data Processor

Registered with the Information Commissioner’s Office as a data processor. Full data processing agreements available for all SOC in a Box clients.

NCSC Cyber Essentials Partner

Recognised partner of the National Cyber Security Centre’s Cyber Essentials scheme — directly supporting the government’s cyber security programme.

Vetted & Security Cleared Staff

All analysts are UK-based, DBS-checked, and security-vetted in line with the requirements of our government and regulated sector clients.

How we operate

The commitments we make
to every client.

Named analyst, always

Every client has a named analyst — not a rotating helpdesk or anonymous ticket queue. A person who knows your network by name.

No lock-in

Cancel anytime. No exit fees, no minimum terms beyond the current month. We keep clients by delivering value, not by trapping them.

Same platform, every client

SOC in a Box runs on the same SOC365 platform as our enterprise clients. No stripped-down version, no consumer-grade tools dressed up.

Radical transparency

Monthly Confidence Score reports tell you exactly what was detected, what was handled, and whether your security posture is improving.

Not just protected. Provably protected.

Security your clients,
insurers, and board can see.

The Cyber Essentials badge, the Confidence Score, the named analyst relationship — every element of SOC in a Box is designed to make your security posture visible, not just real.

When a client asks whether you take data protection seriously, you don’t say “yes.” You show them the score. When your insurer asks what monitoring you have in place, you send the monthly report. When a regulator investigates, you hand over the incident logs.

For professional services firms — law practices, accountancies, IFAs, healthcare providers — the ability to prove your security posture is not just a compliance requirement. It is a competitive differentiator. Provably protected organisations win contracts, retain clients, and command premium fees that their unprotected competitors cannot.

Confidence Score — Example

24/7 monitoring active

Cyber Essentials certified

0 critical incidents this month

Cyber liability cover active

“

We handle thousands of patient records across three sites and our old antivirus wasn’t giving us any visibility. Within a week of switching to SOC in a Box, our analyst flagged an unauthorised remote-access tool on a reception PC that had been there for months. The peace of mind alone is worth the investment.

Practice Manager, 3-site GP surgery group, West Midlands

Get in touch

Talk to the team
behind the box.

Book a Scoping Call

A free 30-minute call to map your security posture, show you what you can cancel, and quote a price. No obligation.

Book now

Send an Email

For general enquiries, partnership discussions, or press requests — a real person reads every email.

hello@cyber-defence.io

Existing Clients

For support requests, appliance troubleshooting, or to reach your named analyst directly, visit the support portal.

Support portal

Ready to be provably protected?

Book a 30-minute scoping call. We’ll map your current security spend, show you what you can cancel, name your analyst, and quote your price — with no obligation.

Book your scoping call

5 working days to live monitoring · Next-day UK delivery · Cancel anytime

We built SOC in a Box because small businesses deserved better.

We got tired of arriving after the breach.

Eight years of building before we launched.

Not just claimed. Independently verified.

The commitments we make to every client.