Case Study

Xiatech

What we did for Xiatech

Industry: Information Technology

Published: 26/08/2025

Project Overview

Xiatech is one of the UK’s fast-growing global technology companies. As they scaled, their technical leadership recognised the need to strengthen the company’s security posture, achieve ISO27001 certification and modernise their endpoint protection, all while maintaining momentum across a busy roadmap. SEP2 supported Xiatech with expert guidance, hands-on delivery and a long-term partnership approach.

The Challenge

Tight ISO27001 deadline
Limited internal security expertise
Outdated endpoint protection
Needed a trusted, collaborative partner

The Solution

Defined clear roadmap to certification
Guided certification process, passed first attempt
Recommended SentinelOne for modern EDR
Built a strong, ongoing partnership

Who are Xiatech

Xiatech are pioneers of Xfuze, the world’s first AI-powered composable integration, data management, analytics and orchestration platform that innovatively connects systems, creates a single view of data and delivers actionable insights in one solution. Business, technology and data teams use Xfuze to shorten time-to-insights, accelerate digital transformation, and extend the value of their legacy technology investments.

Why Xiatech Chose SEP2

Denis Maurin, CTO at Xiatech, sought SEP2’S Wingman vCISO service to support his teams’ journey towards ISO27001 certification. The goal wasn’t simply to tick a compliance box: it was to strengthen their security posture and build credibility with their loyal customers.

Although Denis had some prior experience with ISO and SOC frameworks, the team quickly realised that managing the process internally would be time-consuming. “We knew we couldn’t do it on our own,” Denis explained. “We didn’t have the time, and we wanted additional expertise to guide us through the process. If we tried to do it ourselves, we’d probably spend a lot of time and effort in the wrong areas.”

Xiatech were introduced to SEP2 through a recommendation from Google. From the outset, the team were clear that they didn’t want to work with a large, impersonal provider. “We were reluctant to go with a big company,” Denis said. “To them, you’re just a number, and as a small business you don’t really count. We needed a partner who understood the needs of a medium-sized business like ours.”

As the business scaled, Xiatech’s leadership team recognised the need to strengthen their security posture, not just to meet compliance requirements, but to build trust with enterprise customers and support long-term growth.

Working with SEP2

Our Wingman vCISO service provided exactly the kind of focused, expert support Xiatech were looking for. Working closely with Denis and his team, SEP2 helped define a clear roadmap to certification, prioritising the most impactful actions and ensuring the business was well-prepared for the audit.

Xiatech were working to a tight deadline, with certification required by December. With SEP2’s support, they passed on the first attempt, and the impact was almost immediate. The certification gave the business added credibility in commercial discussions. As Denis put it, “There’s a big retailer we’re starting a proof of concept with; I think it would have been very hard without the certification.” Internally, the certification process raised awareness across the organisation and improved the quality of security reviews. “The before and after is pretty significant,” Denis added. “It’s changed how we approach security internally, not just externally.”

Alongside SEP2’s Wingman vCISO service, Xiatech were also reviewing their endpoint protection. Their existing solution lacked support for cloud services, was difficult to manage across Max and Linux devices, and didn’t integrate well with their broader technology stack. With the end of their contract approaching, the team turned to SEP2 for guidance on a more suitable alternative, with Denis stating that, “We needed something that would integrate better with our systems and support our compliance goals.”

SEP2 recommended SentinelOne, delivered through our Wingman EDR service. The platform offered the features Xiatech needed, such as: remote shell access, device control, patch management, and deep visibility across all operating systems. Crucially, it could block USB mass storage devices on Mac and Linux and integrate with tools like Mimecast. “The ability to block USB devices and encrypt endpoints was really important to us,” Denis explained. “We also needed to maintain an inventory of our machines, especially with a remote workforce. SentinelOne combined with our implementation of ManageEngine MDM gave us that visibility.”

From the first conversation, SEP2’s focus on security and technical clarity stood out to Denis. The onboarding process was smooth, and the commercial discussions were transparent and straightforward. What stood out most to the Xiatech team was the calibre of the people involved. “I appreciate the quality of the people that you have in the organisation,” Denis noted. That confidence in SEP2’s expertise and approach has helped build a strong, collaborative relationship. This has remained strong throughout the engagement, with ongoing conversations about expanding into other areas in the future, Denis shared: “We hope to expand, and it’s certainly our intention to continue growing this partnership.”

Looking Ahead

Xiatech partnered with SEP2 to strengthen their security posture, achieve ISO27001 certification, and modernise their endpoint protection. With our Wingman vCISO and Wingman EDR services, they met tight deadlines, improved internal processes, and unlocked new commercial opportunities. As they continue to scale, we will remain a trusted partner, supporting their evolving security needs.

Testimonials

Hear From Those We Protect

You’re vendor agnostic, which is key for growth, and your team are providing really good insights in terms of the alerts raised. They also provide meaningful context behind them, which is great for us as an organisation,”

When we hit the limits of our knowledge, it’s having SEP2 there to say, ‘Try these things first.’ That expertise on hand is really important to us.

To have people like that around our account that we can pick the phone up to and ask questions was refreshing. Ultimately, we trusted SEP2 and we trust you with our cyber security.

Often the term used is ‘you can’t see the wood for the trees’. Most organisations implement security tooling tools and you’ve got different dashboards. The idea is you put them into a single place, and leverage expert resource such as the SEP2 SOC that actually understands that data and work with it on a daily basis. They can assess it case-by-case and escalate it back to us at Funding Circle only when necessary. And that whole process has been really, really smooth.

They are phenomenal: both personable and very knowledgeable. Our main contact is like a fountain of knowledge. If you ask him a question, he always comes back with ten answers – all the shades of grey, not just a ‘Yes’ or ‘No.’ To me that shows the level of passion he has, and that he really wants to do things properly.

The original group of people who founded SEP2 were very deep in their knowledge of this type of technology, which can be complicated. It’s become the whole field of firewalls, intrusion prevention, antivirus, ransomware, etc. Cyber security as a whole has really ballooned, and there’s lots of dimensions to it, but you’ve managed to keep up.

During the evaluation process it was clear to me that SEP2 were the strongest candidate from a technical standpoint. During our first meeting, their ability to give immediate solutions to ongoing issues we were experiencing at the time was a breath of fresh air.

SEP2 are knowledgeable, motivated and switched on; they take ownership and they have a drive for resolution. They know their stuff! They are not merely a firewall partner, they are a cyber security partner. They take a strategic approach. They are approachable and offer additional value outside of their support contract. Working with SEP2 means we are no longer fire-fighting; rather we can now take a step back and proactively get things sorted. SEP2 say they are tech driven and people powered, and that’s exactly what they are! It all comes down to the people you are dealing with.

They live and breathe the technology. It comes from the top, however, everyone is an expert within SEP2, from sales through to the service desk. We don’t want to wait to be told what more we can get from vendors’ products. SEP2 are great in pro-actively helping us achieve value-add solutions. They aren’t about chasing revenues, they are about providing best possible value.