Petar Vojinovic
Published on: August 4, 2025
At SafetyDetectives, we’re always looking to spotlight cybersecurity companies that are making a real impact, and Trilight Security is one of them. Founded in 2020 by a team of seasoned professionals, this Estonia-based MSSP has grown into a trusted provider of affordable, white-label security solutions across Europe and North America. We spoke with Managing Director Yan Shmyhol to learn how Trilight’s commitment to long-term partnerships, hands-on expertise, and a philosophy rooted in trust and affordability sets them apart in today’s evolving threat landscape.
What motivated the founding team to start Trilight Security, and how has the company evolved since its launch in 2020?
We often say and write in different docs that the company was founded by professionals united by a shared vision of providing affordable cybersecurity services to all, from large to small and medium-sized enterprises. And it is not just a slogan for us. We do work like this, and many customers have already enjoyed the benefits of our attitude. We initially started as a small, yet professional team, and now there are around 20 cybersecurity professionals from red, blue, and compliance units who constitute a well-balanced MSSP. We offer an extensive list of services, work with customers and partners from various EU and North American countries, and have consistently proven our expertise on numerous sophisticated projects for demanding customers.
How does Trilight Security differentiate itself in the competitive field of white label SOC services and cybersecurity outsourcing?
We differ significantly from our competitors in the white label market for several key reasons. The most important being that our company has initially been built with the focus on white label security services. At the time of our launch, there has been a significant shortage of cybersecurity talent in the market, and it was quite clear that this shortage would persist. Time has proven us right.
With this understanding, we started to build our white label strategy. After prolonged and thorough discussions, we came up with several foundational values for our future partnerships, such as: extra mile approach, trust, professionalism and affordability.
We are focused on building long-lasting partnerships, so we are ready to go far in building relations with our partners. Now and then, we would do more than expected during some current project, just because we see that it will bring tangible benefits to our partners or their end clients. From what we’ve heard from our partners, not every other white label cybersecurity company does such things. However, despite being challenging for us sometimes, such an approach, together with our proven professionalism, helps us build trust. The last but not least factor is that we keep our pricing affordable for our partner, leaving enough room for their margins. This strategy has become even something more: I’d dare say our philosophy… and our partners do value such an approach.
What are some common challenges enterprises face with cybersecurity today, and how do your services, such as vCISO or managed detection & response, help address them?
Today, modern enterprises experience quite a lot of pressure in the cybersecurity domain, both regulatory and from threat actors. In the compliance area we observe requirements from multiple cybersecurity frameworks, which are often overlapping, e.g. GDPR, NIS2, ISO 27001… and because companies and organizations have to follow them it becomes pretty complex and resource-intentive.
All these regulatory efforts unroll in the background of a more and more complex threat landscape which every moment offers new types of attacks, including advanced persistent threats (APTs), ransomware, supply chain attacks and many, many more.
What’s even worse, the vast skills shortage persists. Many organisations literally struggle to hire and retain experienced cybersecurity professionals, which creates gaps in security operations and governance.
Centralised security monitoring, involving response services, as well as vCISO services, offers a well-balanced response to all these difficulties. Such a combination greatly improves cybersecurity posture in the organisation, helps mitigate skills shortage, and helps auditors’ reports look much more convincing against the compliance requirements. This is what we’ve observed during our hands-on experience of MDR and vCISO services provided to different companies around the EU.
Can you explain how your compliance and risk management services support clients pursuing certifications like ISO 27001 or SOC2?
We support clients pursuing ISO 27001 and SOC 2 certificationі by providing structured compliance and risk management services that align with both the technical requirements and real-world implementation challenges of these frameworks.
We typically start with a gap analysis: reviewing existing policies, controls, and documentation against the requirements of ISO 27001 (Clauses 4–10 and Annex A) or the SOC 2 Trust Services Criteria. This helps identify missing controls, inconsistencies, or areas where existing measures don’t meet audit expectations.
Since both standards are built around a risk-based approach, we then conduct a formal risk assessment, identifying relevant threats, vulnerabilities, and potential business impacts. Based on this, we produce a Risk Assessment Report and a corresponding Risk Treatment Plan, which includes specific, actionable controls tailored to our client’s environment.
We also help clients build or improve their Information Security Management Systems (ISMS) for ISO 27001 or their internal control systems for SOC 2. This usually involves: drafting and updating policies (access control, incident response, vendor management, etc.); defining roles, responsibilities, and governance models; mapping treatment plans to control objectives so everything is, of course, traceable and auditable.
Where needed, we assist with implementation, including both technical and procedural measures. That might mean helping configure firewall rules, deploy endpoint protection, or run security awareness sessions, purely depending on what’s needed to close gaps identified in the assessment.
To ensure our clients are ready for the audit, we run internal audits (as required by ISO 27001) or SOC 2 readiness reviews, help gather evidence, walk through control execution, and fix any issues before the formal audit takes place.
I would like to emphasise that our role doesn’t end with certification. We also continue to support post-certification efforts such as maintaining documentation and making sure all risk changes are monitored and adapting controls over time to always stay compliant. That way, compliance becomes a manageable part of the company’s operations, not just a one-time standalone project.
How do you ensure your team stays current with rapidly evolving cyber threats and technologies across your service offerings?
There are two major flows in this never-ending process: an internal and an external. Internal consists mostly of our continuous training process, which includes certifications for our team members and a mentorship program for the junior specialists and newcomers. Both components are really important for us and help us keep up with the expectations of our partners and customers.
The external flow is the hands-on experience that our blue and red teams get daily. We mitigate threats, help with remediation during incident response, find vulnerabilities in digital assets of our customers, and it all builds up personal and company wide expertise like nothing else.
We keep a close eye on emerging technologies and solutions, test interesting products which are available and sometimes add them to our portfolio. I have to admit that not all products live up to the promise; however, there is a definite progress in the domain of cybersecurity tools. You just don’t have to expect top performance from budget products offering a bunch of functions. Our practice has many times proved this concept; that’s why, for instance, with our SOCaaS offering, we use products from Gartner’s quadrant for the SIEMs.
Yan Shmyhol
Managing Director
Trilight Security OÜ
https://trilightsecurity.com
