Services
Every engagement is led by a human tester and delivered as a fixed-price project. No hourly meters, no scanner-only reports, no severity inflation. Below is everything we offer.
Web applications, APIs, internal and external networks, cloud infrastructure, and IoT devices. Black, grey or white box.
Web application testing
API security testing
Internal and external network tests
Firewall configuration review
IoT device testing
LLM-integrated application assessment, prompt injection testing, and cloud environment review for AWS, Azure and GCP.
LLM application testing
AWS Well-Architected review
IAM and least privilege audit
Cloud migration security
Secrets and credential handling
SCADA, DCS, and historian assessments for resources, critical infrastructure and industrial operators. Engineering-led.
Current-state assessment
OT network policy development
Incident response playbooks
Tabletop exercises
IEC 62443 alignment
Assessments scoped and reported for specific frameworks, not recycled from a generic template.
APRA CPS 234
PCI DSS
SOC 2 and ISO 27001
ASD Essential 8 maturity
ASD ISM alignment
Automated external exposure scan of a single domain. A$399 one-off, run through app.cybernode.au. Ideal as a first look before scoping a manual engagement.
Research and product →Fractional security leadership for organisations that need strategy, roadmap and board-level reporting without a full-time hire. Typical engagements run one to two days per month.
Talk to us →Common questions
Scoping, reconnaissance, manual exploitation, a written report with findings rated by real-world impact, and a free retest within 60 days.
Engagements are fixed-price. A typical web application test starts from around AUD 12,000 and scales with scope. We provide a firm price after a scoping call.
Yes. vCISO retainers are available for organisations that need strategic security leadership without a full-time hire.
Most engagements start within two to three weeks of signed scope. Urgent work is possible and quoted separately.