AssuranceLab Partners

AssuranceLab works with an ecosystem of partners to support your compliance needs, from implementation and advisory to penetration testing and specialist support. Connect with our partners today!

Let us match you
AssuranceLab will do all the work to match you with the best Service Partners
Partner
Cyber Matters

Cyber Matters provides niche services and solutions across cyber strategy, consulting, technology and compliance. Through our innovative security retainers and packages, we go beyond the traditional vCISO and staff augmentation and become our clients' true cybersecurity partners. Our approach focuses on information security outcomes rather than projects and services. Our core capabilities are:
• Governance, risk and compliance advisory around ISO 27001, SOC2, PCI-DSS
• Penetration testing covering blockchain, web applications, infrastructure and cloud
• Social engineering covering phishing and vishing simulations.
Partner
Software Secured

Software Secured’s mission is helping companies identify, understand, and solve their security gaps through comprehensive penetration testing so their teams can sleep better at night. Specializing in manual penetration testing, services include:
• Pentest Essentials: Annual network pentest that meets compliance standards.
• Pentest 360: Annual web, mobile, and API penetration testing gains assurance that your most sensitive data is secured.
• Penetration Testing as a Service (PTaaS): Biannual or quarterly pentesting, with free unlimited retesting, security consulting and continuous reporting and certificates.
• Augmented security services such as secure code review, secure cloud review and developer training.
Software Secured’s full-time, Canadian-based hackers possess the highest regarded certifications in the industry (OSCP, OSEP, GWAPT, GSSP, CEH, AWS Certified Security - Specialty, AWS Certified SysOps Administrator - Associate). Testing methodology is customized to clients’ attack surface and mapped to multiple standards (OWASP Top 10, SANS Top 25, WSTG, ASVS, NIST). Scoring is calibrated using DREAD and CVSS, and a dashboard to ingest pentest results and manage remediation avoids friction across busy technical teams. Join us in our vision of making software safer.
Partner
DNX Solutions

DNX Solutions is an Australian cloud-native-focused company and an Amazon (AWS) Advanced Consulting Partner. We work with start-ups, Small Business, and Enterprise companies from different sectors such as Financial Services, Health Care, Energy & Utilities, Software Internet, Education, Retail & Wholesale, and distribution. Since 2019 we have assisted our clients in preparing, evolving, and designing their businesses achieving their business goals utilising the benefits of the cloud.
Partner
PCI Consulting Australia

PCI Consulting Australia is a Melbourne-, Sydney- and Brisbane-based specialist firm dedicated to assisting businesses to adhere to the Payment Card Industry Data Security Standard (PCI DSS) requirements. Our experienced team provide pragmatic, common-sense consulting solutions to fit budget, operational and compliance requirements of the Payment Card Industry. Our two primary services are PCI DSS assessment and advisory services, and penetration testing. We maintain two separate teams with skillsets to match. Our penetration team can offer testing more broadly than just PCI DSS testing.
Partner
Eden Data

Drata's Partner of the Year (2023, 2024 & 2025)! If you're a cloud-based company, managing security/compliance can be a big ole burden! From managing audit periods to documenting monotonous policies or even just filling out those pesky Security Questionnaires, it's no wonder companies would rather hide from cybersecurity initiatives instead of embracing them! Thankfully, you don't have to kick this can down the road any longer with Eden Data by your side. We offer scalable security, compliance and data privacy services for any obstacle that customers, regulators, or Putin himself throw at you! Whether you need someone to build a security strategy and lead the program or simply need support to pass an upcoming audit, we've got you covered.

TL;DR Value Propositions
• 1-stop shop for security/compliance management
• We're in your (Slack) DMs, accessible any time
• Crazy good at project management
• We are on subscription, and typically less than a full-time employee
• We have WAY more experience collectively than an FTE can offer, so we can replace or support FTE security pros!

We can help with all sorts of things, but here are a few things we've helped real(ly cool) Drata customers with:
• SOC 2/ISO 27001/HIPAA/GDPR Readiness: we build your entire compliance program within Drata, no matter what stage. From policies and controls to vendor management program and making changes in your cloud environment, let us take you from zero to 'Here's A Flawless Report Mrs. Customer' in just a few months!
• Cloud Security Maturity: we've got security nerds on the team with deep experience in building and automating security processes into AWS and GCP. We can work directly with your engineers to secure your environment, align with various compliance standards, or create better efficiencies. We even have some proprietary and third party tools to offer monitoring solutions around your entire infrastructure (in addition to what Drata helps monitor for)!
• Data Privacy as a Service: with data privacy laws popping up in most countries around the world, Eden Data can serve as your Data Privacy Officer and establish a robust privacy program based on the service(s) you provide. We can conduct privacy assessments, transfer assessments, gap assessments, oh me oh my!

We Aren't Mad At Traditional Cyber Firms, Just Disappointed
To put it simply: Eden Data is just built different. Our team consists of former Big 4 and US military auditors/cyber specialists. You have access to a team, not just an individual!
Partner
Novacare

Novacare Consulting was built to empower businesses to navigate the ever-evolving challenges of compliance with confidence. We prioritise understanding your organisation’s context, offering modular and customised solutions that go far beyond the standard checklist. Our commitment is to provide a meaningful and effective governance, risk, and compliance system that drives your success. What does that look like? It could be a quick policy review, obtaining a business-critical certification, overhauling your entire Risk, Governance, and Compliance program, or providing your organisation with a fully managed vCISO/vCRO/vCDO - whatever it is, we’re here to help. Specialising in ISO 27001, SOC2, Australian Privacy Act, GDPR, and more, reach out for a chat around your business's current compliance needs.
Partner
Kobalt.io

Kobalt.io is a rapidly growing company that manages all aspects of cybersecurity programs for small and medium-sized, cloud-native businesses. Our team acts as an extension of our clients, considering their unique limitations and needs and supporting them with services ranging from security program-as-a-service to privacy management and 24/7 monitoring. Ensuring our clients' security and helping drive their business growth are our top priorities.
Partner
phew

phew is a well-regarded, boutique cyber security company, providing penetration testing services to a range of customers in New Zealand, Australia and internationally. We are experienced at all types of testing, including websites, web and mobile applications, APIs, SaaS solutions, IP addresses, and networks. Our comprehensive testing approach includes not only using highly skilled and certified testers who follow the latest testing techniques and standards, but also placing emphasis on clear ongoing communication with our customers. Our written testing reports are of a high standard and include detailed feedback on vulnerabilities and recommendations, along with proofs of concepts. We also provide assurance reports for external stakeholders once remediation and re-testing has been completed. As well as single engagements, we offer periodic assessments (for example on a quarterly, six-monthly or annual basis), which provide cost efficiencies, and include optional security assurance services such as phish testing, website badge, port scanning, and IaaS assessments. Have a chat to us today about your requirements and we'd be delighted to provide you with a comprehensive proposal setting out our testing approach, outputs, and pricing options.
Partner
Rhymetec

Fast-forward your cybersecurity, compliance, and data privacy: Our mission is to reduce the complexities of cloud security, make cutting-edge cybersecurity services available to you, and get you compliant faster, so you can focus more on other critical aspects of growing your business.

HOW RHYMETEC CLIENTS ARE SUCCEEDING WITH OUR SOLUTIONS:
• Fast-Track Compliance: Streamlined processes to help meet customer and investor demands quickly.
• Scalable Solutions: Infosec strategies that grow with your business, from “stealth mode” to expansion.
• Cost-Effective Expertise: Get enterprise-level support without the overhead of a full-time security team.
• Credibility Boost: Build trust with prospects and partners through proven compliance and risk management.
• Hands-On Support: Our team works as an extension of yours, simplifying your path to compliance.
• Seamless Integration, Minimal Disruption: Security services that fit into your workflows without slowing down innovation.

ONE-STOP SOLUTIONS TO HELP YOU STRENGTHEN, MAINTAIN, OR IMPROVE YOUR SECURITY POSTURE:
• vCISO (Virtual CISO) Services to establish an effective and compliant infosec program through managed services
• Compliance Readiness & Management to help you prep for and get through your audits
• ISO Internal Audit Services to evaluate your organization's information security policies and processes against various ISO standards
• Penetration Testing including API Pen Tests, External Network Pen Tests, Mobile App, Web App Pen Tests, and more
• Phishing Testing and Training and other security assessment services

WAYS RHYMETEC MAKES CYBERSECURITY EASY FOR YOU:
• No Templates, Just Tailored Solutions: We don’t offer one-size-fits-all, check-the-box services. We build customized information security programs tailored to your unique environment.
• Utilize a Certified InfoSec Leader: Our team holds top certifications like CISSP, OSCP, OSWE, ISO Internal Auditor, and more—showcasing our deep expertise and commitment to best practices.
• Reduce Your Time to Market: With over a decade of refining our processes, we get clients compliant in a fraction of the time. This accelerates time-to-market, helping you meet stakeholder needs, stay competitive, and seize higher-value opportunities.
• Maximize Your GRC Spend: As a vendor-agnostic partner with years of experience across various GRC tools, we help you get the most out of your GRC spend. Work with an infosec expert who doubles as a GRC platform guru, ensuring you maximize your investment.
Partner
Cognisys

Cognisys are your trusted security and compliance partner offering GRC consulting, CREST-accredited penetration testing and our industry-leading vulnerability management service, SmartScan. As one of Vanta’s leading global partners, we’ve helped hundreds of businesses accelerate their journey to achieving their compliance goals, including achieving SOC 2 and ISO 27001.
Partner
IdentityXP

IdentityXP is an Australian Identity & Access Management (IAM) focussed consultancy and technology provider. Our team delivers all services from strategy and architecture through to implementation for all types of identity projects, be they customer identity, workforce identity, citizen identity or privileged access - all with a focus on maximising the User's experience. We are a Gold Silverfort partner, Yubico partner and Microsoft partner. The team are exceptionally experienced, delivering projects with a wide range of identity technologies including Microsoft Azure AD, Azure B2C, Azure PIM, as well as others such as Okta, SailPoint and Auth0. Migrating off legacy IAM products like CA SiteMinder and Oracle Access Manager is one of our sweet spots.
Products and Services
- Identity & Access management consulting, strategy, architecture and implementation
- Workforce, Customer, System and Partner Identity
- Our products include: Okta, Microsoft Identity products such as Active Directory, Azure Active Directory, Azure Privileged Access Management, Multi factor authentication with Yubico YubiKeys, 1Password password vault and Multi factor authentication for Active Directory with Silverfort
Partner
gwi.digital

At gwi.digital, that's exactly what we do – project delivery and managed services across core systems, data and AI, and GRC/cybersecurity. We’re not consultants, we’re implementers – we roll our sleeves up and do the work. In the governance, risk and compliance space, our flexible range of business risk management focused assessments, improvement frameworks and certified compliance programs give customers both peace of mind and the power to make informed cybersecurity choices which drive tangible benefits. We've chosen to work with Drata, the leading security and compliance automation platform that continuously monitors and collects evidence of a company’s security controls, while streamlining compliance workflows end-to-end to ensure audit readiness. With Drata, we offer both licensing (resale and MSSP) and professional / advisory services, up to and including certification against standards such as Essential Eight, SOC2 and ISO27001, and custom frameworks which apply in the Australia-New Zealand region.
Partner
Bullet Proof

At Bulletproof, security is in our DNA. As a pioneering cyber security company, we’re laser-focussed on bringing innovation and simplicity to all areas of cyber security, data protection and compliance. An established leader in the UK market, we have the expertise and experience to help you through your complex challenges. So, if you’re just starting out with Cyber Essentials, looking for a better penetration test, seeking strategy from a virtual CISO, in need of GDPR compliance or support for ISO 27001 – talk to us. We’ve solved these problems before for our customers, and we’d love to help you too.
Partner
PolarSeven

PolarSeven helps clients take advantage of the opportunities Cloud has to offer to create successful and sustainable business outcomes. We use our technical capabilities and experience to help organisations adopt, modernise and thrive in the Cloud. With our collaborative approach, we focus on long-term relationships and sustainable business outcomes. Capabilities include: Cloud Migration, Managed Cloud, Remote Working, DevOps and Automation, Microsoft Workloads, Well Architected Framework Review and Cloud Consultancy Projects.
Partner
OTH Security

OTH Security, founded by technology veterans with 60 years' collective experience, offers innovative solutions driven by excellence and partnership, ensuring exceptional client service and comprehensive digital defense. Our 360 degree vCISO services and programs are designed for startups to enterprises in regulated industries. Our mission is to provide organizations with cutting-edge cybersecurity services that promote sustainable business and long-term growth while protecting their most valuable asset — their data. Specialties: Pen Testing, vCISO and Advisory, Security Program Management and Development, Tabletop Exercises, Cybersecurity Awareness Training
Partner
Com-Sec

Com-Sec: Security and Compliance made easy. Com-Sec understands the challenges startups and businesses face in achieving security certifications and compliance. Our mission is to support you every step of the way, ensuring your business is protected and meets all necessary regulations. Here's how we can help:
• Compliance/Audit Readiness & Maintenance (SOC2, HITRUST, ISO, PCI): We assist organizations in achieving SOC2 Type I and Type II compliance. Our comprehensive approach includes readiness assessments, gap analysis, policy development, controls implementation, and ongoing support to meet the stringent SOC2 standards and maintain compliance.
• Ongoing vCISO/Security, Compliance, and IT Support: Our experts will be your security, compliance and IT support teams, managing all aspects of security and compliance from vulnerability and personnel develop and implement robust cybersecurity strategies, ensuring compliance with industry regulations, and mitigating emerging threats. We also can handle all aspects of IT Support from Onboarding/Offboarding and Access Management.
• Penetration Testing and More: Our penetration testing team conducts rigorous assessments to identify security weaknesses and vulnerabilities. Through a combination of automated and manual techniques, we simulate real-world attack scenarios, providing detailed reports and recommendations for remediation. We also conduct and facilitate Security Risk Assessments, Incident Response Exercises, BC/DR Testing, ADA Testing, Cookie/Privacy Audits and more.

Whether you're pursuing industry-specific certifications like SOC2 or HITRUST, or simply striving for best cybersecurity practices and data privacy, we're here to assist you in establishing and reinforcing your security and compliance program.

About Us: We are dedicated to safeguarding organizations' digital assets, ensuring their compliance with industry regulations, and reducing the burden of IT onboarding/offboarding and access management. With a team of seasoned cybersecurity and compliance experts, we provide comprehensive solutions tailored to the unique needs of our clients. For more information on how we can enhance your security posture and readiness for certification, please visit https://www.com-sec.io/, schedule a chat with us https://calendly.com/ffakhrai, or reach out to us at team@com-sec.io. Your business's security and compliance are our top priorities. Partner with Com-Sec for a secure and compliant future.
Partner
Threat Intelligence

Threat Intelligence not only dedicates our world-class cyber security specialists; our modern approach to delivering cyber security services utilizes the world’s first Security Automation Cloud, Evolve - designed and operated by our team. Combining our globally recognized security methodologies with automated security capabilities allows Threat Intelligence to set a continually increasing security baseline across our team and services. Our approach is designed to utilize specialist security automation capabilities to streamline engagements, automate time-intensive activities, deliver greater coverage and increase the quality of our outcomes. This allows our specialist team to focus their expertise on advanced attacks and concepts and spend more time delving deeper into areas of your environment to locate the critical security weaknesses that introduce real risks to your business.
Partner
TrustedCISO

TrustedCISO specializes in helping startups achieve SOC2 compliance as well as building their information security program. I'm experienced in SOC2, ISO27001, FedRAMP, HIPAA, HITRUST, CMMC, and NIST CSF. I'll act as your virtual CISO leading the audit and providing information security leadership. TrustedCISO is a 100% woman and veteran owned company. I have 30 years of experience in Information Security. I will ensure your company achieves its compliance goals while lowering its risk. TrustedCISO provides expert vCISO services along with managing your audit from start to finish.
Partner
Open Cybersecurity

Open Cybersecurity is a cybersecurity and compliance consultancy recognized for providing leading data protection and compliance services. We simplify and centralize cybersecurity, serving companies of all sizes and market segments. Our services range from information security risk analysis to the development of robust data protection and compliance policies. Additionally, we are passionate about educating and raising awareness among teams through training and lectures, ensuring your organization stays ahead of digital security challenges. Open Cybersecurity: Data protection and compliance you can trust. 🔒📊 Contact us: 📧 info@opencybersecurity.com.br 📞 +55 11 2909-2776
Partner
Resilient IT

Based in Auckland, New Zealand, Resilient IT specialises in business continuity (ISO22301) and information security management (ISO27001) consulting and training, helping protect New Zealand businesses from disruptive and damaging incidents before, during, and after they occur. Our strong history in business continuity, information security, disaster recovery, solutions architecture, infrastructure, networking, and managed solutions has been developed through involvement in a wide range of industry sectors with some of New Zealand’s largest enterprises and most innovative businesses.