gociux
accepting new engagements · EU / remote

We make attacks expensive.

Gociux is a security engineering consultancy for fintech and regulated EU companies. Managed detection, compliance that survives audits, and pipelines that ship securely — built by engineers who run this in production every day.

Book a free assessment call Explore services
Services

Built like an operations team. Priced like a project.

Productized engagements with fixed scope and clear deliverables — no open-ended consulting retainers that never end.

Flagship · monthly

Managed SIEM & Detection

Your own Wazuh-based detection stack — deployed, tuned, and watched by people who run it at PCI DSS Level 1 scale. Custom rules for your threat model, M365/EDR/cloud logs integrated, monthly tuning and threat reports.

brute-force · 185.220.x.xBLOCKED
payment API · client trafficCLEAN
phishing URL · 12 mailboxesQUARANTINED
legacy auth attempt · tenantDENIED
integrity check · core hostsVERIFIED
Engagement · 4–8 weeks

Compliance Engineering

PCI DSS and GDPR controls built into infrastructure — evidence generated continuously, not assembled in a panic before the audit. Gap assessment, remediation, audit support end to end.

Engagement · 2–3 weeks

Security Assessments

External & internal review, M365/Entra tenant hardening, attack-surface mapping.

<0h
from call to first findings
0+
years in IT & security
L0
PCI DSS level we operate at
0/7
detection coverage delivered
0%
EU data residency
DevSecOps
SAST, DAST & secrets scanning wired into your CI
Why Gociux

Operators, not auditors.

Most consultancies hand you a PDF and leave. We come from the other side of the table — engineers who carry the pager in a regulated payment environment, building the same controls we recommend.

  • /01

    Production-tested advice

    Every recommendation is something we already run under real attack traffic and real audit scrutiny.

  • /02

    Fixed scope, real deliverables

    Engagements end with running systems, runbooks, and a team that owns them — not a dependency on us.

  • /03

    EU-native

    GDPR, NIS2 and EU data-residency aren't an afterthought; they're the default architecture.

Detection

Designed and operate a 4-node Wazuh cluster behind HAProxy for a Level 1 payment environment — 40+ custom decoders and rules, Microsoft 365 and EDR telemetry integrated.

Incident response

Live phishing campaign contained across an entire tenant within the hour — malicious URLs quarantined, mail-flow rules and tenant block lists hardened against the next wave.

Pipeline security

SAST, secrets and dependency scanning wired directly into CI, with findings routed automatically into the SIEM — developers see issues before reviewers do.

Endpoint fleet

Encryption, LAPS and compliance baselines rolled out via Intune across multi-country EU offices — recovery keys escrowed, drift continuously monitored.

recent engagements · details anonymized under NDA
Get started

Find out what an attacker would find first.

A free 30-minute assessment call. We'll look at your attack surface together and tell you honestly whether you need us — sometimes the answer is no.

[email protected] LinkedIn
replies within one business day · EN / RO / remote-first across the EU