OpSec Logo
Company

Built in the UK. For the UK.
Sovereign by design.

OpSec Ltd was founded with a single conviction: UK organisations deserve cybersecurity tools that operate entirely within UK jurisdiction, with no foreign data exposure, ever.

Company No.
16398051
Registered
King's Cross, London
SIC Codes
62020 · 62090
Our Mission

Eliminate the metadata attack surface. Permanently.

Every day, UK organisations unknowingly publish roadmaps to their internal infrastructure through the metadata embedded in their public-facing documents. This is not a niche vulnerability — it is systemic, and it is exploited routinely.

Our mission is to make metadata sanitization as automatic and invisible as antivirus software — something that simply happens, without burdening your team or disrupting your workflows.

We measure success not by features shipped, but by the number of metadata-based attacks that never happen.

Dr. Mohammad Salauddin Sagar
MS

Dr. Mohammad Salauddin Sagar, PhD

Founder & Director, OpSec Ltd

Researcher, Institute of Management Greater Manchester · University of Bolton

BEngMResMScPhDMIETMIEEE

"I founded OpSec because I kept seeing the same vulnerability exploited in breach after breach — metadata. It is invisible to the sender, obvious to the attacker, and completely preventable. We built the tool I wished existed."

Research Focus
Information SecurityNetwork SecurityCloud SecurityFinancial ComputingBanking TechnologyMachine Learning
University of Bolton · Supervised by Dr Lee Wood
King's Cross, London
OpSec Ltd · Company No. 16398051
Principles

What we stand for

Privacy by Design

Every architectural decision begins with the question: does this protect our clients' data? Privacy is not a feature — it is the foundation.

UK Sovereignty

All processing, storage, and infrastructure operates within UK borders. We will never route client data through US or EU systems.

Precision Over Coverage

We build one product and build it exceptionally well. OPSEC Scrub does one thing — and it does it better than anything else available.

Transparency

Our audit logs are designed to be read by your auditors, not just our engineers. Transparency is how we earn trust.

UK Sovereignty

Your data never leaves UK jurisdiction.

In an era of cross-border data transfers, foreign intelligence collection, and extraterritorial legal reach, UK sovereignty is not a marketing claim — it is a technical and legal commitment.

Every component of OPSEC Scrub — compute, storage, networking, and logging — runs on infrastructure physically located in the United Kingdom, operated by UK entities, subject exclusively to UK law.

All compute: UK-based data centres
All storage: UK-jurisdiction only
No US CLOUD Act exposure
No EU GDPR transfer mechanisms required
UK ICO registered data processor
NCSC Cyber Essentials Plus certified infrastructure

Infrastructure Commitment

Compute
AWS London (eu-west-2)🇬🇧
Storage
UK-only S3 buckets🇬🇧
CDN
UK edge nodes only🇬🇧
Logging
UK-sovereign SIEM🇬🇧
Backups
UK data centres🇬🇧
Support
UK-based team🇬🇧
History

Company Timeline

2024

OpSec Ltd incorporated at King's Cross, London

2025

OPSEC Scrub v1.0 — Silent Proxy architecture deployed

2025

IASME Cyber Assurance Level 2 certification achieved

2026

OPSEC Scrub v2.0 — AI sanitization engine launched

2026

Cyber Essentials Plus v3.3 compliance certification

Legal Name
OpSec Ltd
Company Number
16398051
Registered Office
King's Cross, London
SIC Code 1
62020 — IT Consultancy
SIC Code 2
62090 — Other IT Services
Jurisdiction
England & Wales

Work with us.

Whether you need a free risk audit, enterprise deployment, or a compliance consultation, we are here.