We believe that businesses need to go faster than ever in the rapidly changing world of technology. This makes it all the more important to have security services that match the pace of innovation while providing the confidence to execute with velocity.
Our security consultants ensure you receive the black card experience that takes the complexity out of the wickedly technical. Get the top shelf experience paired with the sophisticated security service.
Investing in cybersecurity is akin to putting brakes in a car. It doesn’t stop you moving forward, it gives you the confidence to go faster
Head of Operations
Milford Asset Management
Businesses are reinventing themselves at a relentless pace as both the opportunity and threats of the digital economy emerge. With this velocity of change, we need the confidence that we are securing one of our most valuable assets - our data. Matching speed with safety can be the difference between a digital transformation and a digital disaster.
Plan for a safer, more secure future
The first step in building a safe and secure business is shining a light on the current state of your information security. Our expert security team uses best-practice industry frameworks ‘right-sized’ for New Zealand business to assess the security risks facing your business. Our strategy and consulting services are divided into three parts: vulnerability, maturity and test and train services.
For a bird’s eye view of your security maturity, our Information Security Assessment will help you to assess your business’ essential technical security controls, governance and processes, while our Information Security Policy Review service offers a ‘deep dive’ review of your organisation’s security policy documents.
Providing the confidence to match business velocity
SOC & SIEM bring together the best technology with a 24x7 security service providing assurance that your security appliances and products are being monitored by security professionals. If your business needs to go fast transforming your IT operations and digital services, we match the speed to be successful in business, with the ability to take evasive action when needed.
Most businesses today have invested in some form of security appliances and products, such as firewalls or endpoint security. These products are in charge of watching and protecting your IT systems, but who watches the watchers? Who is responsible for detecting, assessing and responding to potential threats?
Our Security Operations Centre provides highly skilled security analysts working within our security operations framework. We use leading Security Incident and Event Management software to analyze and correlate data, looking for hidden threats.
For organisations seeking security solutions that go beyond technology to provide business assurance and risk mitigation, SOC & SIEM includes monthly consultation with one of our security consultants to make recommendations and implement continuous improvements.
Decrease your attack surface by proactively managing vulnerabilities
Accurate and up-to-date information on all your IT assets and their vulnerabilities provides the basis for managing your attack surface. With the ever-changing environments, periodic scanning no longer provides the immediate and actionable data required to prioritise and manage risks.
Our Vulnerability Management Service provides cloud-managed vulnerability scanning and management, feeding into our Security Intelligence 24x7 service. We will assess and prioritise the vulnerabilities that matter the most, and work with your team to remediate.
Detecting the threats in your network
Protecting your network with a security appliance is important, but equally important is being able to detect when a network or system has already been compromised. With an Intrusion Detection system, every packet across the network is inspected for malicious behaviour, with threats and anomalies being detected for review and remediation.
Delivered as-a-service, we integrate network IDS into our Security Intelligence 24x7 service, ingesting network threat data for analysis and response. This combines an operational framework for addressing threats with best in class technology.
Detect suspicious endpoint behaviour and take action
Threats to devices and endpoints are one of the largest challenges security teams face as remote and flexible working grows. As the threats have become more advanced and persistent, the tools to protect ourselves have also changed significantly. Far from signature-based antivirus software, Endpoint Detection and Response (EDR) software uses intelligent analysis and machine learning to detect anomalies in behaviour that could indicate a breach.
However, EDR software by itself is far from an answer to this problem, as it requires a security team to analyse and respond to suspicious activity. Delivered as-as-service, our 24x7 Security Intelligence service, will provide a complete EDR solution including leading technology combined with our security response team.
Prove that your people, processes, and technology are prepared to repel cyber attacks
There’s nothing like running a drill to identify opportunities to improve your systems and processes and provide a safer environment for your people. The Instillery’s Threat Emulation service will execute an imitation cyber attack on your organisation. The advanced tactics, techniques, and procedures used by today’s threat actors are employed by our team. We expose vulnerabilities and risks to your organisation through attempts to outmanoeuvre your people and systems and access your data. Your organisation is then informed and empowered to mitigate these vulnerabilities and risks.
Prepare and implement your technical, policy and process controls to help prevent attacks.
A security event may be identified through manual reports, automatic alerting, systems monitoring or security monitoring.
Investigate the event, recording details and performing the initial technical analysis. Declare an incident or resolve and close the issue.
Analyse the technical details of the incident to determine the attack vectors, type and scope. Assess the potential business impact and any legal or regulatory requirements. Invoke your comms plan.
Respond to the incident by first containing the attack, then eradicating the threat. Recover any data or systems, and repair any reputational harm. Address any legal or regulatory requirements.
Review the incident, being sure to cover off the process as well as the technical response and the business outcomes. Identify areas for improvement and create a plan of action to implement any changes.
05 Jul 2023
CERT NZ Q1 Report Reveals Surge in Scams, New Tactics & AI Exploitation
In their latest cyber security report for the first quarter, CERT NZ (Computer Emergency Response Team) unveils a disturbing increase in scams and sheds light on the growing exploitation of Artificial
06 Jul 2022
Are NZ thieves adding cybercrime to their resumes?
The response in this story is based on a real incident that The Instillery Security Intelligence team recently worked on; however, names & details have been changed to protect the identities of th
21 Mar 2022
What does comprehensive security posture look like?
As technology continues to become an enabler for business innovation and value creation, you and your organisation need confidence that your security is enough to keep your business secure in a cybers
24 Feb 2022
Why antivirus alone is not enough to protect your business
It’s no secret that the rate of cyberattacks targeting New Zealand businesses is growing. CERT NZ responded to 2,072 incidents alone during the third quarter of 2021 - a 53% increase from the previo
26 Aug 2021
State of play: Current cyber threat landscape
The last 12-months have seen a significant increase in cyber threats targeting organisations, be it private or public organisations, both internationally and here in New Zealand. Cert NZ recently repo
Top Shelf Tech
10 Dec 2020
December Security Brief - Top Shelf Tech w/ ZX Security
We're live on Top Shelf Tech for the December Security Brief with ZX Security. Jason Wild and Ian White (General Manager, ZX Security) will be breaking down the latest in #cybersecurity, vulnerabiliti