Berrington Hunsbury is a technology firm. We design, engineer and secure the platforms behind banks, regulators, operators and growth-stage companies — from cloud-native reference architectures to threat-led SOC programmes and zero-trust rollouts. Hands-on. End-to-end.
We are a small team of architects, platform engineers and security practitioners. Most of us have shipped production systems at banks, regulators or scale-ups before joining the firm. We work alongside your engineers — not above them.
Berrington Hunsbury was founded in 2017 to do technology work properly: design with intent, build to a publishable standard, and stay close enough to delivery that the design survives contact with production.
We are technology-led, not slide-led. Every engagement produces working artefacts — reference architectures, infrastructure code, threat models, detection rules, runbooks — not just recommendations. Where strategy is needed, it is grounded in what can actually be built and operated.
Our team has run trading platforms, defended national infrastructure, designed identity systems for millions of users, and stood up SOCs from scratch. That perspective shapes how we engineer — pragmatically, in code as well as in prose, and with an eye on the operator who inherits the system on day 91.
Each capability stands on its own. Most clients use all three over time — strategy without architecture drifts, architecture without security cannot be trusted, and security without engineering is just paperwork.
Target architectures, build/buy/partner decisions, and tech due-diligence — grounded in what can credibly be engineered, costed and operated.
Reference architectures, platform design and integration patterns — drafted to a build-ready standard and shipped with the IaC, CI/CD and runbooks to back them up.
Threat-led security engineering — from architecture review and zero-trust rollouts to detection engineering and a 24/7 incident response retainer for when prevention runs out.
A repeatable engineering rhythm. Each phase produces a working artefact — not a deck — that the client can act on without us in the room.
Two weeks inside the codebase, the cloud accounts, the runbooks and the team. We read the architecture as it actually is — not as the wiki claims — and produce a written assessment with diagrams, risks and a prioritised backlog.
Reference architectures, threat models and operating patterns drafted to a build-ready standard. Diagrams in structurizr, infra in terraform, controls mapped to MITRE. All version-controlled, all reviewable.
We pair with your engineers to land the work — writing code, configuring pipelines, tuning detections, running game-days. The design we drew is the design we help build. No throw-it-over-the-wall.
Runbooks, ADRs, threat models and detection rules — handed over with a written ops review and a 90-day support window. Where retained, we stay on for incident response and quarterly architecture reviews.
Identifying details removed under NDA. The shape of the system, the technology and the measurable outcome are not.
16-week design followed by an 18-month build alongside the bank's platform team. We replaced 40+ point-to-point integrations with a Kafka-based event mesh, reduced critical run-time dependencies by two-thirds, and shipped the first slice into production at week 22.
Threat-led control design followed by a 12-month build of an in-house SOC for a critical national infrastructure operator. We engineered the detection backlog against MITRE ATT&CK, automated triage in Sentinel, and trained the operator's analysts to maintain it. Coverage now exceeds the regulator's benchmark.
8-week target architecture, then a 9-month build of a lakehouse-pattern data platform on Databricks. Real-time exposure and pricing models for three new lines now run on shared infrastructure, with quotation latency down from minutes to seconds.
Reference architecture, then a phased rollout of a federated zero-trust identity model across 14 agencies of a central government department. Conditional access, device posture and workload identity unified onto a single control plane. NCSC-reviewed; A+ rated.