SYS::STATUS SOC · ONLINE
FR / EN
cl
CostLink Systems
v.2026.05 · soc·mtl
portal
[01] · OVERVIEW

Detect. Contain. Document · in under
fifteen minutes.

Bilingual security operations center, operated continuously from Montréal since 2018. Managed detection and response for Quebec organizations between fifty and two thousand employees. Law 25 compliant by design.

request an assessment see our methodology
15min
Median MTTR
24·7
Operations centre
412k
Events analyzed daily
100%
Data stays in Québec
costlink-soc · live feed stream
$ tail -f /var/log/cl/alerts.json
14:32:17CRITphishing.exec → j.tremblay@bl-mfg.qc.cacontained
14:31:48HIGHbrute.ssh → bl-srv-qc-ad01contained
14:30:22HIGHexfil.attempt → bl-laptop-067triage
14:29:03MEDmfa.bypass → m.lavoie@bl-mfg.qc.cacontained
14:27:41LOWgeo.anomaly → bl-vpn-gwobs.
14:25:11MEDmal.signature → bl-laptop-142contained
tenant: industries-beaudry-lefebvre 412 assets · 3 open · 1 active
SAMPLE VIEW see the demo portal →
1985
Founded
IT systems consultancy
2008
Cyber pivot
first SOC engagement
2018
24/7 centre
3 shifts · MTL
2026
MDR platform
current stack · v.5.2
THREAT INTEL · 25 MAY 2026 39% rise in phishing targeting Quebec law firms over 30 days Akira ransomware active across North American manufacturing Critical vulnerability CVE-2026-2841 Fortinet · patch mandatory Credential stuffing campaigns rising against M365 tenants 847 incidents contained this month · CostLink network CCCS advisory · nation-state actors targeting Canadian public services THREAT INTEL · 25 MAY 2026 39% rise in phishing targeting Quebec law firms over 30 days Akira ransomware active across North American manufacturing Critical vulnerability CVE-2026-2841 Fortinet · patch mandatory Credential stuffing campaigns rising against M365 tenants 847 incidents contained this month · CostLink network
[02] · CATALOG

$ services --list

Six disciplines, executed by one team in Montréal. Every engagement is calibrated for Quebec mid-market reality — no enterprise overhead, no under-equipped SMB toolset.

// 01
Managed Detection & Response

24/7 monitoring by bilingual analysts. Sub-15-minute median MTTR. Multi-signal — endpoint, network, cloud, identity.
// 02
Incident Response

On-site team within 4 hours, immediate remote engagement. Forensics, containment, ransom negotiation, regulator liaison.
// 03
Offensive Assessment

External, internal, application, cloud and red team. Executed by our in-house team — no subcontracting.
// 04
Compliance Evidence

Law 25, ISO 27001, SOC 2 Type II, PCI-DSS v4, NIST CSF 2. Audit-ready dossier delivered, signed, dated.
// 05
Endpoint Protection

EDR/XDR deployment and continuous operation. BYOL, managed, or co-administration. CrowdStrike, SentinelOne, Defender, Cortex.
// 06
Training & Simulation

Role-based microlearning. Monthly phishing simulation. Executive tabletop exercises. Delivered in Quebec French and Canadian English.
full service catalog
[03] · CASE STUDY
incident-20240312-001.report · LAWFIRM-XX · CLOSED CONTAINED
START
03:47 EDT
DETECTED
03:51 (+4 min)
CONTAINED
04:26 (+39 min)
RESUMED
07:15 (+3h 28)

« On March 12, 2024 at 3:47 AM, a Montréal law firm lost access to sixteen years of client files. Thirty-nine minutes later our team had isolated the compromised server. By 7:15 AM, partners were able to reopen the practice. The ransom was never paid. »

— costlink incident response team · redacted excerpt from internal log
VECTOR
Akira · phishing → AD
FILES AT RISK
2 847 (16 years)
DATA EXFILTRATED
none
RANSOM DEMAND
680k USD · refused
full case study response methodology
[04] · COMPLIANCE

$ compliance --matrix

Five frameworks covered in regular practice. Every engagement delivers the documentary evidence you'll show to your auditor, regulator, or cyber insurer.

Law 25
active
Privacy · Québec
Coverage96%
Articles covered17 / 18
Active engagements14
ISO 27001
active
ISMS · international
Coverage87%
Controls covered94 / 114
Active engagements9
SOC 2 II
active
Trust criteria
Coverage100%
TSC covered5 / 5
Active engagements6
PCI-DSS
v4.0.1
Payment data
Coverage91%
Requirements11 / 12
Active engagements4
NIST CSF 2
framework
Cyber framework
Coverage79%
Functions6 / 6
Active engagements11
detailed compliance matrix
EMERGENCY HOTLINE · ACTIVE INCIDENT 24·7·365
↳ DIRECT LINE TO THE CENTRE
1 (438) 794-1985
dial · option 1 · response < 120 sec
First contact< 2 min
Analyst on callEN + FR
Deployment< 4 h on-site
Law 25 notif.handled
// INITIAL ASSESSMENT
Not in crisis. Not yet.

A director walks through your current posture in four weeks and hands you a report and a roadmap — no commitment.

book the assessment
// JOIN THE WORKSHOP
Bilingual analysts. In Montréal.

We're always recruiting. SOC analysts, incident responders, compliance advisors. All roles in Montréal — human-friendly schedules.

open roles