Hello, world! We are Not Bad Security

We are excited to announce our new company, Not Bad Security. As our name sort of gives it away, we provide services on the Microsoft security stack, such as Microsoft Defender for Cloud, Microsoft Sentinel, and other Defender products. Another area where we’re serving our customers are the multi-cloud security capabilities, such as CloudKnox and Defender for Cloud capabilities for Google Cloud Platform and Amazon Web Services.

But first, how did we get here? Together with my co-founder, Antti Kujamäki, we started thinking about building a company that has a fierce focus on two things: Microsoft 365 security and Microsoft Azure security. While we were having virtual coffee and chatting about the prospect of building something like this, it became clear that we needed to make this. Thus, our company was born in January 2022, and it then took a few months to get the business model, funding, legalities, and offerings in shape.


We strive to build services that are easy to understand and affordable for our customers. Many times it seems that security-related projects, deployments and licensing considerations tend up to become overly complex over time. We’re here to untangle that for our customers.

Today, we at Not Bad Security are releasing the first batch of our services:


Workshops. These are remotely delivered, fixed price, and very practical. We’re planning to announce more workshops during 2022, and today we start with the first five. They vary from half-day to a full-day workshop, and each workshop has a clear and concrete purpose and outcome. It might often be unclear why a workshop is being delivered and the effort and cost for that. We want to be transparent – so each workshop has a fixed price, and they are readily visible!

Services. Our first service, released today, is Security Architect as a Service. This is for you when you have a question about anything related to Microsoft security products. Perhaps you plan to deploy Microsoft Sentinel but are unsure how it relates to your current architecture? Or you might be looking at an incident in Microsoft Defender for Cloud but want confirmation that your mitigation approach is solid? And when you need a second set of eyes to verify your planned architecture changes – we’re there to help you. The service has a fixed monthly price, and you can discontinue it at any time you like. The service includes one query or case to be resolved by us each month.

Lastly, we are also available for custom projects and contract work hourly or monthly.


We plan on announcing more services in the coming months – stay tuned!

Not Bad Security is fully funded and owned by its employees. We’re based in Finland, but all of our people work remotely, and we’re happy to serve our customers throughout the world as needed.

We’re very open to partnerships, joint projects, and other collaboration with other Microsoft Partner companies and customers. Feel free to reach out, and let’s see what we can build together!

The results are in for the Microsoft Cybersecurity Architect (SC-100) exam!

Photo by @punttim / Unsplash.com

Insights on preparing for the Microsoft Certified: Cybersecurity Architect Expert (SC-100) certification