About Singahi

Get secure. Prove it.

Singahi is a practitioner-led cybersecurity firm for growing companies that have to satisfy customers, investors and regulators. One team across compliance, testing and managed security.

Why we exist

Singahi was built by practitioners: the people who do the testing, build the controls and sit the audits. We are not a sales organisation that subcontracts the work.

We kept seeing growing companies hit the same wall. Real security work, and the proof of it, was split across vendors who didn't talk to each other. A pen-test firm here, a compliance consultant there, a managed provider somewhere else, and the customer left to stitch it together under deadline.

So we put compliance, testing and managed security under one team, organised around a simple model, C·A·M, that lets you land with one problem and grow into the rest as trust builds.

What we value

How we work, in three words.

Integrity

We tell you what we find, not what is comfortable. No inflated findings to sell more work, no quiet omissions to look good. If a control is weak, you hear it from us first.

Impact

We optimise for what moves your risk and your deals, not for a thicker report. The work is judged by whether it closes a gap, passes an audit or unblocks a customer.

Craft

Security is done by hand as well as by tools. We sweat the detail, name the frameworks we work to, and hand you evidence that is built to be checked.

The C·A·M approach

Land with one. Grow into three.

Compliance

Get certified, and prove it.

Assessment

Find what scanners miss.

Managed

Stay protected.

Credentials

Certified practitioners on every engagement.

OSCP
CISSP
CISA
CEH
ISO 27001 Lead Auditor

Reach

Our office is in Vijay Nagar, Nilmatha, Lucknow 226002, India, with representatives in Bengaluru, Noida, Chandigarh. We serve clients across 6 countries: USA, Canada, UK, Germany, India, Middle East.

We don't hide the India base. It is how you get experienced people at in-house speed and attentiveness. You work directly with the people doing the work, across your time zone.

FAQ

The questions buyers actually ask

Who actually does the work?

Certified practitioners with OSCP, CISSP, CISA, CEH and ISO 27001 Lead Auditor credentials, on every engagement. You are not handed to juniors behind a brand.

You're based in India and we're not. How does that work?

We work as an extension of your team across time zones, with experienced people, named frameworks and evidence your auditors and customers recognise. Clients in six countries already do.

What frameworks do you work to?

The ones your stakeholders trust: ISO 27001, SOC 2, OWASP, PTES, NIST and CIS. We name them explicitly in everything we deliver.

Can we start small?

Yes. Most clients land with one problem, such as a certification, a pen test or a gap to close, then grow into the full compliance, assessment and managed relationship as trust builds.

Derisk. Build Trust.

Work with the people who do the work.

Tell us what's prompting this, whether a questionnaire, an audit deadline or an investor ask. We reply within four business hours.

Get an assessment