bigBITS Cyber — Tactical Cyber Security Operations

// 01 — CAPABILITIES

Tactical Operations

CAP-01

[OSINT]

OSINT & People Profiling

When a claim looks inconsistent or a case needs facts before a court date. Location, background verification, asset and lifestyle indicators, and associate mapping — delivered on the timeline litigation and claims actually run on.

CLAIM TRIGGEREDPRE-TRIALDUE DILIGENCE

CAP-02

[VULN]

Vulnerability Assessment

Triggered by a new compliance deadline, a vendor or platform migration, or a new security lead wanting a baseline. CVE research, patch gap assessment, and a prioritized roadmap tied to the date that's forcing the review.

COMPLIANCE DEADLINEPLATFORM CHANGE

CAP-03

[IR]

Incident Response

For the moment it's already happening. Rapid containment, forensic investigation, and post-incident hardening — available 24/7 because this trigger doesn't wait for business hours.

ACTIVE BREACH24/7

CAP-04

[PENTEST]

Penetration Testing

Driven by an upcoming audit, a client/insurer requirement, or new infrastructure going live. Black, grey, and white-box testing with documented findings ready before the deadline lands.

AUDIT REQUIREDNEW INFRASTRUCTURE

// 02 — OSINT

People Intelligence

A claim looks off. A deposition is approaching. A subject's story doesn't match the facts. These are the moments that bring law firms and insurers to us — not a routine check run on a schedule. Every engagement traces public records, social activity, location history, and associate networks into a single, defensible report, timed to the date that's already on your calendar.

CASE FEED // SAMPLE FINDINGSACTIVE CASELOAD

2025-05-19 03:17ZCONFIRMEDSubject's undisclosed secondary residence identified via property and utility recordsSRC: PUBLIC RECORDS

2025-05-19 01:42ZHIGHCurrent employer and work location confirmed despite claimed disability statusSRC: SOCMINT

2025-05-18 22:08ZHIGHUndisclosed business interest linked to subject through corporate registry filingSRC: CORP RECORDS

2025-05-18 19:55ZMEDIUMRecent travel activity inconsistent with stated location during claim periodSRC: SOCIAL

2025-05-18 14:30ZMEDIUMAssociate network mapped — relevant third party identified for follow-upSRC: NETWORK MAP

SOURCE COVERAGE

Wide

Public records, social, corporate, property

REPORT FORMAT

Court-Ready

Documented, sourced, and structured for case use

TURNAROUND

< 5d

Standard case turnaround, rush available

// 03 — ABOUT

Who We Are

Québec-based. Operationally focused. bigBITS Cyber doesn't pitch "someday" security improvements — we show up when something already makes the work urgent: a breach, a deadline, a platform change, a new hire reviewing the program, a case that needs facts. We operate at the intersection of federal-grade methodology and private-sector agility, delivering direct, high-context work exactly when it's needed.

OPERATOR PROFILE // CLASSIFIED

ENTITYbigBITS Cyber Inc.

CLASSTactical Cyber Consultancy

BASEQuébec City, QC, Canada

SECTORPrivate / Government

CLEARANCEOPERATIONAL

LANGUAGEEN / FR

STATUS● ACCEPTING ENGAGEMENTS

10+

YEARS IN FIELD

100%

DISCRETION

24/7

AVAILABILITY

BREACHES ON OUR WATCH

bigBITS Cyber was built on one premise: most security firms wait for clients to come to them with a vague "improve our posture" ask, then sell a generic package. We do the opposite — we pay attention to the moments that actually force a decision, and we're ready when they happen.

Our principal operator brings frontline experience from both the private sector and federal government cyber programs — giving clients access to intelligence-grade methodology and practitioner-level execution that larger consultancies simply cannot replicate.

We work with a select roster of clients. Engagements are direct, confidential, and timed to the event that triggered them — not a templated report package on a generic schedule.

►Bilingual service delivery — English and French

►Familiar with GoC security frameworks and ITSG

►Mutual NDA standard on every engagement

►PIPEDA-compliant data handling throughout

// 04 — PROCESS

How We Operate

Every engagement starts with the event that triggered it — a breach, a deadline, a platform change, a case. From there it follows a disciplined operational methodology developed through years of real-world offensive and defensive operations. Scope is defined upfront, communications remain open throughout, and every finding is documented with clear evidence and actionable next steps. No shortcuts. No surprises. No dropped reports.

STEP 01

Trigger & Scope

We start with what's actually driving the engagement — the breach, deadline, or event behind the request — and scope the work around it, avoiding wasted cycles on what isn't urgent.

STEP 02

Threat Modeling

We map your specific adversary profile — nation-state, criminal, insider, or opportunist — and tailor the engagement to simulate those exact threat actors.

STEP 03

Active Operations

Controlled, documented, and scoped execution within agreed rules of engagement. Real-time communication channels kept open throughout.

STEP 04

Intelligence Reporting

Dual-format delivery: executive brief for leadership and a full technical deep-dive with exploitation chains, evidence, and prioritized remediation steps.

STEP 05

Remediation Support

Post-engagement validation, re-testing of critical findings, and optional hardening guidance. We do not drop a report and disappear.

// 05 — ENGAGE

Initiate Contact

If something has already made this urgent — a breach, a deadline, a claim, a platform change — that's exactly when to reach out. Engagements are selective; we work with a limited roster of clients to ensure every operation receives full attention and dedicated resources. All communications are treated as confidential by default. A mutual NDA is standard on every engagement. Active incidents receive a response around the clock.

ORGANIZATION

SECURE EMAIL

ENGAGEMENT TYPE

OPERATIONAL BRIEF

BASE OF OPERATIONS

Québec City, QC, Canada

Remote engagements available worldwide

SECURE CONTACT

ops@bigbits.org

PGP encryption available — key on request

AVAILABILITY

24 / 7 / 365

Active incidents receive immediate response

LANGUAGES

English · Français

Full bilingual service delivery

FRAMEWORK ALIGNMENT

GoC · NIST · ISO 27001 · PIPEDA

Federal and private sector compliance