Plan for a safer, more secure future

The first step in building a safe and secure business is shining a light on the current state of your information security. Our expert security team uses best-practice industry frameworks ‘right-sized’ for New Zealand business to assess the security risks facing your business. Our strategy and consulting services are divided into three parts: vulnerability, maturity and test and train services.

For a bird’s eye view of your security maturity, our Information Security Assessment will help you to assess your business’ essential technical security controls, governance and processes, while our Information Security Policy Review service offers a ‘deep dive’ review of your organisation’s security policy documents.

Providing the confidence to match business velocity

SOC & SIEM bring together the best technology with a 24x7 security service providing assurance that your security appliances and products are being monitored by security professionals. If your business needs to go fast transforming your IT operations and digital services, we match the speed to be successful in business, with the ability to take evasive action when needed.

Most businesses today have invested in some form of security appliances and products, such as firewalls or endpoint security. These products are in charge of watching and protecting your IT systems, but who watches the watchers? Who is responsible for detecting, assessing and responding to potential threats?

Our Security Operations Centre provides highly skilled security analysts working within our security operations framework. We use leading Security Incident and Event Management software to analyze and correlate data, looking for hidden threats.

For organisations seeking security solutions that go beyond technology to provide business assurance and risk mitigation, SOC & SIEM includes monthly consultation with one of our security consultants to make recommendations and implement continuous improvements.

Decrease your attack surface by proactively managing vulnerabilities

Accurate and up-to-date information on all your IT assets and their vulnerabilities provides the basis for managing your attack surface. With the ever-changing environments, periodic scanning no longer provides the immediate and actionable data required to prioritise and manage risks.

Our Vulnerability Management Service provides cloud-managed vulnerability scanning and management, feeding into our Security Intelligence 24x7 service. We will assess and prioritise the vulnerabilities that matter the most, and work with your team to remediate.

Detecting the threats in your network

Protecting your network with a security appliance is important, but equally important is being able to detect when a network or system has already been compromised. With an Intrusion Detection system, every packet across the network is inspected for malicious behaviour, with threats and anomalies being detected for review and remediation.

Delivered as-a-service, we integrate network IDS into our Security Intelligence 24x7 service, ingesting network threat data for analysis and response. This combines an operational framework for addressing threats with best in class technology.

Detect suspicious endpoint behaviour and take action

Threats to devices and endpoints are one of the largest challenges security teams face as remote and flexible working grows. As the threats have become more advanced and persistent, the tools to protect ourselves have also changed significantly. Far from signature-based antivirus software, Endpoint Detection and Response (EDR) software uses intelligent analysis and machine learning to detect anomalies in behaviour that could indicate a breach.

However, EDR software by itself is far from an answer to this problem, as it requires a security team to analyse and respond to suspicious activity. Delivered as-as-service, our 24x7 Security Intelligence service, will provide a complete EDR solution including leading technology combined with our security response team.

Deliver access to your applications, not your entire network

Provide your people and partners access to your applications from anywhere, at any time, while severely hampering the ability of malicious users or infected devices to scan and access your network.

Zero Trust Network Access (ZTNA) hides your applications behind a trust broker, which verifies identity, considers context (e.g. where a person is and what device they are using) and confirms compliance with designated policies. Once sufficient trust is established, access is allowed to specific applications or resources.

With our cloud-native service, you will avoid appliance management and location or bandwidth limitations and ensure any number of your people can access your applications securely, from anywhere in the world, at any time. We’ll even enable you to measure and monitor the digital experience for every user and identify performance issues, whether they’re due to the device, network path, or application.

Prove that your people, processes, and technology are prepared to repel cyber attacks

There’s nothing like running a drill to identify opportunities to improve your systems and processes and provide a safer environment for your people. The Instillery’s Threat Emulation service will execute an imitation cyber attack on your organisation. The advanced tactics, techniques, and procedures used by today’s threat actors are employed by our team. We expose vulnerabilities and risks to your organisation through attempts to outmanoeuvre your people and systems and access your data. Your organisation is then informed and empowered to mitigate these vulnerabilities and risks.