// Services

SECURITY THAT
DOES THE WORK.

From Microsoft 365 managed security to full estate SIEM/SOAR, strategic advisory, and defence compliance — four capabilities that work individually or together as a complete programme.

// Service 01

MIDAS

Managed Security for Microsoft 365

Full-spectrum managed security as a service for Microsoft 365 environments. We assess, harden, monitor and respond — continuously deploying and refining security configurations to respond to new threats. Available in five tiers from micro businesses to enterprise-scale organisations.

M365 SecurityXDREmail SecurityDevice MonitoringPhishing SimulationsDLP
MICRO
<10 users
From £100/user/month
  • M365 proactive hardening
  • 8/5 detection & response
  • Device monitoring
  • Email security (add-on)
MICRO+
<10 users
Fixed monthly price
  • Everything in Micro
  • Device hardening
  • Cyber Essentials/+ readiness
ESSENTIALS
10–100 users
Fixed monthly price
  • M365 hardening
  • 24/7 detection & response
  • Device monitoring
  • Email & domain security
  • Phishing simulations
COMPLETE
10–1000+ users
Fixed monthly price
  • Everything in Essentials
  • Device hardening
  • Security awareness seminar (×1/yr)
  • Supply chain review (×1/yr)
  • CE/CE+ readiness
PREMIUM
10–1000+ users
Fixed monthly price
  • Everything in Complete
  • Data loss prevention
  • Insider risk management
  • Custom phishing sims
  • Awareness seminars (×2/yr)
  • Supply chain reviews (×4/yr)
Feature Micro Micro+ Essentials Complete Premium
M365 Proactive Hardening
Detection & Response8/58/524/724/724/7
Device Monitoring
Device Hardening
Email SecurityAdd-on
Domain Security (DMARC/DKIM)
Phishing SimulationsCustom ×2/yr
Cyber Essentials Readiness
Security Awareness Seminar×1/yr×2/yr
Software Supply Chain Review×1/yr×4/yr
Data Loss Prevention
Insider Risk Management
Book an Assessment
// Service 02

ATLAS

Enterprise SIEM/SOAR for Your Whole Estate

24/7/365 SIEM/SOAR managed service built on Microsoft Sentinel. For organisations that need to protect on-premises or non-M365 cloud infrastructure, networking devices, and Operational Technology — beyond what Microsoft 365 covers.

Microsoft SentinelSIEM/SOARThreat IntelligenceOT SecurityIncident Response
01
Data Source Integration
Ingest log and telemetry data from cloud platforms, on-premises IT infrastructure, OT/ICS environments, networking devices, and third-party applications. A single, unified view across your entire estate.
02
Security Content Development
Custom detection rules, analytics queries and automated playbooks written specifically for your environment and threat profile — not generic out-of-the-box content that generates noise.
03
Threat Intelligence
Curated open-source threat intelligence feeds enriching detections with context on adversary infrastructure, indicators of compromise, and attack patterns relevant to your sector.
04
SOAR — Automated Response
Pre-agreed automated response playbooks that contain, isolate or remediate threats without waiting for human intervention — reducing mean time to respond and limiting blast radius.
05
Analytics & Threat Hunting
Deep visibility across your whole estate enables proactive threat hunting — searching for adversary TTPs before alerts fire. Behavioural analytics identify anomalies that rule-based detection misses.
+
Standalone or Add-on to MIDAS
ATLAS extends your MIDAS coverage beyond M365 — protecting your entire estate under a single managed security programme with one point of contact and one integrated response capability.
Book an Assessment
// Service 03

EXPERTIS

Strategic Advisory & Fractional CISO

Advisory services for organisations that need strategic security leadership without the full-time cost. Delivered by former GCHQ, MOD and military cyber experts — people who've operated at the highest levels of government security and now apply that experience to commercial challenges.

Fractional CISORisk ManagementMaturity AssessmentStrategyBoard Reporting
01
Fractional CISO
Senior security leadership without the full-time cost. Your Fractional CISO owns the security programme — building strategy, managing risk, engaging the board, and ensuring delivery. Available part-time or as a defined engagement aligned to your growth stage and budget. Particularly valuable for businesses approaching Series A, B, or investor due diligence.
02
Cyber Security Maturity Assessment
A structured evaluation of your current security capability against recognised frameworks (NCSC Cyber Essentials, NIST CSF, ISO 27001). We assess policies, processes, technology and culture — producing a clear, evidenced picture of your current state and prioritised improvement recommendations calibrated to your business context.
03
Strategy Development
A multi-year security strategy tied to your business objectives, risk appetite and regulatory environment. Not a generic framework exercise — a practical roadmap that sequences investment, defines capability milestones, and gives leadership the confidence to make informed security decisions. Includes board-ready reporting pack.
04
Table-Top Exercising
Facilitated incident response exercises that test your team's readiness to respond to realistic attack scenarios. We design scenarios specific to your sector and threat landscape — identifying gaps in response plans, escalation paths, and communications before a real incident exposes them. Debrief includes improvement recommendations.
Book an Assessment
Defence Sector
// Service 04

AEGIS

Defence Sector Compliance

Cyber Security as a Service for the UK defence supply chain. AEGIS blends consultancy and technology to prove and maintain compliance with the MOD Cyber Security Model (CSM v4) and Defence Cyber Certification (DCC) at levels 0–3.

Our SC and DV cleared team includes experts who contributed to building the MOD's own cyber security requirements. We understand the system from the inside — which means we help you navigate it efficiently, without over-engineering your compliance posture or missing critical requirements.

DefStan 05-138 DCC Level 0–3 CSM v4 Cyber Essentials Secure by Design
// AEGIS — Defence Sub-Site

FULL DETAIL AT
DEFENCE.NOVA-BLUE.COM

The AEGIS service has its own dedicated site with full service detail, compliance framework explainers, a free CSM v4 readiness assessment tool, and case studies specific to the defence industrial base.

Visit Defence Site ↗
// Free Service

VANGUARD

Free M365 Security Assessment

No Cost — No Commitment

SEE EXACTLY
WHERE YOU STAND.

VANGUARD is a free health check of your Microsoft 365 tenant. We review your configuration, highlight weaknesses, and show you exactly where your setup falls short — in plain language, without jargon, without commitment. It takes less than 24 hours and costs nothing.

Tenant Configuration Review
We review your M365 security settings against NCSC and Microsoft best practice — identifying misconfigurations, missing controls, and overly permissive settings.
Weakness Identification
A clear list of the highest-risk gaps in your current setup — ranked by severity and potential impact, with plain-language explanations of what each means for your business.
Prioritised Next Steps
Actionable recommendations in order of priority. Whether you proceed with Nova Blue or handle it internally, you'll leave with a clear picture of what to fix first.
Book a Free VANGUARD Scan
// Compliance Alignment

WHAT EACH
SERVICE ACHIEVES.

Each Nova Blue service maps to specific compliance frameworks and certifications. Use this guide to identify which service aligns with your requirements.

MIDAS
  • Cyber Essentials alignment
  • Cyber Essentials Plus readiness
  • NCSC Cyber Assessment Framework
  • ISO 27001 technical controls support
  • NIST CSF alignment
ATLAS
  • ISO 27001 — logging & monitoring
  • NIST CSF — Detect & Respond
  • NIS2 — incident detection
  • OT/ICS security frameworks
  • SIEM audit trail requirements
EXPERTIS
  • ISO 27001 — management system
  • NCSC CAF — governance & risk
  • Board-level risk reporting
  • Investor / LP due diligence
  • Regulatory audit preparation
AEGIS
  • DefStan 05-138
  • MOD CSM v4 (CRP Levels 0–3)
  • Defence Cyber Certification 0–3
  • Cyber Essentials / CE+

Not sure which service fits your requirements? Book a free assessment and we'll map your needs.

Book a Free Assessment