We specialisE in offensive and defensive Cyber Security

We find the weak link in your security so you can patch it up fast and avoid being hacked. Our consultants have first-hand experience in securing Enterprise, Critical Infrastructure & Government.
Our Clients

who we work with

Our consultants have first-hand experience in securing Enterprise, Critical Infrastructure, Government, Defense and Regulated business sectors against current threats. By constantly investing in our team through industry leading training, tools and internal development.

The Tech

The tech we use

We pride ourselves on our technical capabilities paired with a customer-focused approach, ensuring quality over quantity and providing high value services.

case studies

problem
solution
impact
product used
testimonial
The Problem

EVENTS AND LOGS are not monitored to detect attack

While most businesses have numerous security controls in place, the events and logs from these sources are not centralised, correlated or monitored to detect various stages of a cyber-attack.
The Solution

Alchemy identify critical assets and design a SIEM

Alchemy worked with key stakeholders to identify business critical assets, information and processes. Using this information a SIEM was designed and implemented to centralise logs and events while enabling the business to proactively correlate and identify threats within all tiers of their environment.

The Impact

effective identification & Defence against attack

This gave the business granular visibility across their environment, enabling them to proactively identify and defend their business against advanced attacks.

Product Used

Splunk was used to mature defensive capabilities

Splunk is still considered the industry standard SIEM product on the market, we have utilised the flexibility of this product across a wide range of customers to dramatically mature the defensive capabilities of our customers.

Testimonial

They UnderstooD emerging tecHnology and threats

AlchemySec is my go-to Cyber Security Consultancy, Every. Time. They are quick to answer an email for the “easy” questions, or give you the detail you need to convey an issue to a client. Having worked in both the Enterprise space, as well as the Small-to-Medium business, they understand what you are trying to achieve and knows how to get the job done. I can’t recommend them highly enough.

Frequently Asked Questions

Still got questions? Contact us
contact us
Where are you located?
We are located in Adelaide, South Australia.
Do you perform work in other states or countries?
We perform both onsite and remote engagements in all states across Australia as well as overseas.

It’s free to chat

Send us a message and we will be in touch as soon as possible. And it’s free to chat

Recent Post

Detecting and defending against advanced persistent threats utilizing the latest in industry-leading tools and techniques to strengthen and mature the security posture.

Yes, Local Administrators ARE a Risk

Modern environments are in a constant state of flux; new systems are being commissioned, and old systems decommissioned, to meet new requirements and increase efficiency in all sectors. Managing those…
Read More

OSINT for Penetration Testers

Part of performing an effective and successful penetration test requires gathering as much information about the target as possible. The more information you have on your target, the more likely…
Read More

CONTI Group - The not so advanced APT

Recently in the news it was revealed that a member of an “APT” group that utilises the “Conti” ransomware became disgruntled at the state of their relationship with the group…
Read More

Hidden Cobra - Uncovering the North Korean APT

Advanced persistent threats come in many forms ranging from your crime groups, activists all the way through to your state sponsored groups. While some of these threat actors such as…
Read More

Please Sign Here - Why NTLM Relaying Is Still a Risk in 2021

The Windows Name Resolution Flow You may be under the impression that turning host names into IP addresses is simple. You check:  The Hosts file; then Your system’s DNS (Domain Name System) resolver  That’s it right? If you don’t…
Read More

The benefits of Red Teaming

Red teaming is not a new concept within the cyber security community. However in Australia, Red Teaming is a relatively new term for most organisations. In this blog post we'll…
Read More

Stealing Password Reset Tokens for Fun and Profit

When adding a “Password Reset” function to your application it is especially important to ensure this has the same security considerations as any other critical function within the application. Due…
Read More

MITRE ATT&CK Framework Primer

The MITRE ATT&CK framework is a fairly familiar term within the Cyber Security industry. It has quickly evolved from a niche framework, to the core of many security operation centers.…
Read More