We believe that businesses need to go faster than ever in the rapidly changing world of technology. This makes it all the more important to have security services that match the pace of innovation while providing the confidence to execute with velocity.
Our security consultants ensure you receive the black card experience that takes the complexity out of the wickedly technical. Get the top shelf experience paired with the sophisticated security service.
Investing in cybersecurity is akin to putting brakes in a car. It doesn’t stop you moving forward, it gives you the confidence to go faster
Head of Operations
Milford Asset Management
Businesses are reinventing themselves at a relentless pace as both the opportunity and threats of the digital economy emerge. With this velocity of change, we need the confidence that we are securing one of our most valuable assets - our data. Matching speed with safety can be the difference between a digital transformation and a digital disaster.
Plan for a safer, more secure future
The first step in building a safe and secure business is shining a light on the current state of your information security. Our expert security team uses best-practice industry frameworks ‘right-sized’ for New Zealand business to assess the security risks facing your business. Our strategy and consulting services are divided into three parts: vulnerability, maturity and test and train services.
For a bird’s eye view of your security maturity, our Information Security Assessment will help you to assess your business’ essential technical security controls, governance and processes, while our Information Security Policy Review service offers a ‘deep dive’ review of your organisation’s security policy documents.
Providing the confidence to match business velocity
Security Intelligence brings together the best technology with a 24x7 security service providing assurance that your security appliances and products are being monitored by security professionals. If your business needs to go fast transforming your IT operations and digital services, we match the speed to be successful in business, with the ability to take evasive action when needed.
Most businesses today have invested in some form of security appliances and products, such as firewalls or endpoint security. These products are in charge of watching and protecting your IT systems, but who watches the watchers? Who is responsible for detecting, assessing and responding to potential threats?
SOC & SIEM
Our Security Operations Centre provides highly skilled security analysts working within our security operations framework. We use leading Security Incident and Event Management software to analyze and correlate data, looking for hidden threats.
For organisations seeking security solutions that go beyond technology to provide business assurance and risk mitigation, Security Intelligence includes monthly consultation with one of our security consultants to make recommendations and implement continuous improvements.
Decrease your attack surface by proactively managing vulnerabilities
Accurate and up-to-date information on all your IT assets and their vulnerabilities provides the basis for managing your attack surface. With the ever-changing environments, periodic scanning no longer provides the immediate and actionable data required to prioritise and manage risks.
Our Vulnerability Management Service provides cloud-managed vulnerability scanning and management, feeding into our Security Intelligence 24x7 service. We will assess and prioritise the vulnerabilities that matter the most, and work with your team to remediate.
Detecting the threats in your network
Protecting your network with a security appliance is important, but equally important is being able to detect when a network or system has already been compromised. With an Intrusion Detection system, every packet across the network is inspected for malicious behaviour, with threats and anomalies being detected for review and remediation.
Delivered as-as-service, we integrate network IDS into our Security Intelligence 24x7 service, ingesting network threat data for analysis and response. This combines an operational framework for addressing threats with best in class technology.
Detect suspicious endpoint behaviour and take action
Threats to devices and endpoints are one of the largest challenges security teams face as remote and flexible working grows. As the threats have become more advanced and persistent, the tools to protect ourselves have also changed significantly. Far from signature-based antivirus software, EDR software uses intelligent analysis and machine learning to detect anomalies in behaviour that could indicate a breach.
However, EDR software by itself is far from an answer to this problem, as it requires a security team to analyse and respond to suspicious activity. Delivered as-as-service, our 24x7 Security Intelligence service, will provide a complete EDR solution including leading technology combined with our security response team.
Deliver access to your applications, not your entire network
Provide your people and partners access to your applications from anywhere, at any time, while severely hampering the ability of malicious users or infected devices to scan and access your network.
Zero Trust Network Access (ZTNA) hides your applications behind a trust broker, which verifies identity, considers context (e.g. where a person is and what device they are using) and confirms compliance with designated policies. Once sufficient trust is established, access is allowed to specific applications or resources.
With our cloud-native service, you will avoid appliance management and location or bandwidth limitations and ensure any number of your people can access your applications securely, from anywhere in the world, at any time. We’ll even enable you to measure and monitor the digital experience for every user and identify performance issues, whether they’re due to the device, network path, or application.
Prepare and implement your technical, policy and process controls to help prevent attacks.
A security event may be identified through manual reports, automatic alerting, systems monitoring or security monitoring.
Investigate the event, recording details and performing the initial technical analysis. Declare an incident or resolve and close the issue.
Analyse the technical details of the incident to determine the attack vectors, type and scope. Assess the potential business impact and any legal or regulatory requirements. Invoke your comms plan.
Respond to the incident by first containing the attack, then eradicating the threat. Recover any data or systems, and repair any reputational harm. Address any legal or regulatory requirements.
Review the incident, being sure to cover off the process as well as the technical response and the business outcomes. Identify areas for improvement and create a plan of action to implement any changes.
Top Shelf Tech
10 Dec 2020
December Security Brief - Top Shelf Tech w/ ZX Security
We're live on Top Shelf Tech for the December Security Brief with ZX Security. Jason Wild and Ian White (General Manager, ZX Security) will be breaking down the latest in #cybersecurity, vulnerabiliti
Top Shelf Tech
12 Nov 2020
November Security Brief - Top Shelf Tech w/ ZX Security
We're live on Top Shelf Tech for the Security Intelligence November Security Brief with ZX Security. Jason Wild and Ian White (General Manager, ZX Security) will be breaking down the latest in #cybers
10 Nov 2020
The Instillery launches new security business
Businesses need to go faster than ever in the rapidly changing world of technology. This makes it all the more important to have security services that match the pace of innovation while providing the
Top Shelf Tech
07 Oct 2020
October Security Brief - Top Shelf Tech w/ ZX Security
We're live on Top Shelf Tech for the October Security Brief with ZX Security. Jason Wild and Ian White (General Manager, ZX Security) will be breaking down the latest in #cybersecurity, vulnerabilitie
23 Sep 2020
Just do your patching!
If your security is exciting, then you've got a problem. Because really, information security is boring. Sure, you should be investing in advanced security like IDS and managed SOC services that give