Your platforms, expertly run. Day in, day out.
ITIL-aligned, AI-augmented lifecycle management for your identity, network, security, cloud, and workplace platforms — delivered within our ISO 27001 and SOC 2 assured management system.
What it is
Platform Operations is the day-to-day running and lifecycle management of your security and IT platforms by skilled Sunwell engineers, augmented by AI across every process. We own the health, configuration, patching, and continuous improvement of the platforms your business depends on — following defined ITIL processes, within a certified management system, so the service is consistent, accountable, and audit-ready.
Platforms we operate
What we manage
Identity Ops
Microsoft Entra ID, Okta, and Intune. Identity provider configuration, user lifecycle automation across Microsoft 365 and Google Workspace, MFA, and Conditional Access / Zero Trust policy management.
Network Ops
Palo Alto Networks, Fortinet, Cloudflare, and Netskope. Firewall, VPN, and SASE policy lifecycle, plus network performance and availability management.
Security Platform Ops
Full administration of EDR/XDR, SIEM, CSPM/CNAPP, and mail security platforms (Microsoft Defender for Office 365, Proofpoint, Mimecast) — beyond the operational management included with MDR.
Cloud Ops
Microsoft Azure, AWS, and Google Cloud. Tenant governance, identity and network configuration, cloud security services, DevOps — CI/CD pipelines and infrastructure-as-code — and cost and capacity advisory.
Workplace Ops
Microsoft 365 and Google Workspace administration, Intune and Jamf MDM, endpoint privilege management, application control, and OS and third-party patching across Windows, macOS, iOS, and Android.
Foundation
Core operational coverage
AI autonomy
AI-assisted
Stable platforms with predictable change volume that need solid, reliable operational coverage.
Standard
Active management + scanning
AI autonomy
Assisted + automated
Active platforms with a regular change cadence and compliance requirements.
Advanced
Proactive, full-lifecycle
AI autonomy
Assisted + automated + proactive
Complex, high-change or compliance-heavy environments needing proactive optimisation and advisory.
What changes by tier
The tier applies per service category. Core operations are included at every tier.
| Capability | Foundation | Standard | Advanced |
|---|---|---|---|
| Vulnerability management | CVE monitoring + hardening | + monthly scanning & register | Full lifecycle + risk scoring |
| Problem management | — | Included | Proactive |
| Capacity & performance | — | — | Included |
| Reporting | Quarterly | Monthly | Monthly + executive |
| Compliance evidence pack | Add-on | Add-on | Included |
Critical (P1) platform incidents get an active response within 1 hour, 24/7 — on every tier. Incident response is driven by severity, not by the tier you choose.
Included in every tier
- Configuration management and baseline control
- Availability monitoring and alerting
- Incident management — P1 response 24/7
- Patch management — OS and third-party
- Vulnerability CVE monitoring and configuration hardening
- Change management across the platform lifecycle
- Platform log management and export
- AI assistance across every service process
Available add-ons
- Compliance evidence pack
- Capacity & performance management
- Infrastructure vulnerability scanning
- Full vulnerability management programme
- Extended engineering hours
- Enhanced SLA
- On-site support
- Sunwell-provided monitoring
- Sunwell-provided scanning
- Advanced patch management
Want to know which tier fits your platforms?
Talk to our platform teamSummary only — scope and service levels are confirmed per customer.
How we deliver
ITIL-aligned from day one.
Configuration, change, incident, problem, patch, and vulnerability management run as defined processes — delivered within our ISO 27001-certified and SOC 2 Type 2-assured management system.
AI augments every process — engineers stay accountable.
AI accelerates triage, drafts records, and surfaces issues proactively within guardrails you approve. Engineers remain accountable for every consequential action, and you can adjust or disable AI-automated actions at any time.
We start with an audit, then improve continuously.
Onboarding begins with a configuration and security audit and a documented baseline. From there we manage change carefully and continuously identify optimisation and automation opportunities.
Who it's for
Platform Operations is a strong fit for organisations that:
- Run business-critical identity, network, security, cloud, or workplace platforms and need them managed to a consistent standard
- Want lifecycle management — patching, change, vulnerability remediation — without growing an in-house platform team
- Operate in regulated sectors and need audit-ready evidence of how platforms are run
- Need proactive optimisation and capacity planning across a complex or fast-changing estate
We work across technology, finance, crypto, retail, sports and leisure, and events sectors.
Why Sunwell
Engineering-led, not ticket-led.
Skilled engineers run your platforms, augmented by AI across every process — not a generalist helpdesk closing tickets.
Certified and accountable.
Delivered within our ISO 27001-certified and SOC 2 Type 2-assured management system, with audit-ready reporting and a quarterly compliance evidence pack available.
Clean boundaries with security operations.
Platform Operations dovetails with our MDR service, with responsibilities defined precisely so nothing falls through the gap between platform management and security monitoring.
Ready to get started?
Whether you have a specific project in mind or want to understand how we can help, we'll start with an honest conversation.
Talk to us