top of page

Penetration Testing and Cyber Security Services

Cyberoptic offers a focused range of penetration testing and security assessment services to help New Zealand businesses understand and address their security risks. All engagements begin with understanding your environment, your business context, and what matters most, so the work we deliver is relevant to you.

If you'd like to discuss how we can support your security, contact us to arrange an initial consultation at no cost.

If you would like to know more about vulnerability scanning, pen testing, and red team exercises, please see our guidance here: The difference between a pen test, a vulnerability scan, and a red team exercise.

CyberSafe Essentials

CyberSafe Essentials covers three areas attackers consistently target in NZ SMBs: your Microsoft 365 tenant, your internet-facing infrastructure, and your corporate website.

Each in scope system is manually reviewed by a professional consultant to identify real-world risk, and provide relevant guidance.

Fixed price of: $5,200

Includes:

  • Microsoft 365 Secure Configuration Review

  • Manual Security Review of Internet Facing Assets

  • Manual Security Review of Your Corporate Website.

Read More

Technical Controls Validation

Most organisations have security controls in place. Whether those controls are configured correctly, and would actually stop an attacker, is a different question.

 

Technical Controls Validation tests your defences from multiple angles to find out: email security, endpoint and server protection, network hardware, and DoS resilience. 

 

​Controls include:

 

  • Denial of Service (DoS) testing

  • Email security controls 

  • Workstation security 

  • Server security 

  • Network hardware

Read More

Vulnerability Scanning

Our Vulnerability Scanning services is an automated assessment of your internal or external network facing assets and web applications.

 

Results from these scans are manually reviewed to assess for false positives and to provide guidance on valid findings.

Vulnerability Scanning services include:

  • Internal Networks

  • External Networks

  • Web Applications

Penetration Testing

Cyberoptic tests web applications, APIs, networks, mobile apps, cloud environments, and hardware, scoped to what matters for your business.

 

Engagements combine automated scanning with manual testing. Automated tools cover known signatures quickly; manual testing finds the vulnerabilities that come from how your specific systems are built and connected: logic flaws, trust relationships, attack paths that only appear in combination.

 

Reports describe each finding in plain terms, covering what it is, how it could be exploited, and what to fix.

Our penetration testing services include:

  • Web Applications

  • AI and LLMs

  • APIs

  • Mobile Applications

  • Internal Networks

  • External Networks

  • Hardware and IoT

  • Cloud Infrastructure

  • PCI Compliance

Read More

Secure Configuration Reviews

Many breaches trace back to misconfiguration rather than novel exploits. An open storage bucket, overly permissive roles, or logging that was never turned on.

 

Our Secure Configuration Reviews examine your cloud or SaaS environment against security baselines and vendor guidance, covering identity and access controls, network settings, encryption, and monitoring. Findings come with the specific configuration changes required, not a list of things to think about.

Platforms covered:

  • Amazon Web Services (AWS)

  • Azure

  • Microsoft 365 (M365)

  • Google Cloud Platform (GCP)

  • SaaS Solutions

Read More
bottom of page