AssuranceLab Partners

AssuranceLab works with an ecosystem of partners to support your compliance needs. From implementation and advisory, to penetration testing and specialist support. Connect with our partners today!
assurancelab-13-countries-audit-support-image-1
Service Partners Technology Partners
Let us match you
AssuranceLab will do all the work to connect you with the best Service Partner.
Partner
DNX Solutions

DNX Solutions

DNX Solutions is an Australian cloud-native-focused company and an Amazon (AWS) Advanced Consulting Partner. We work with start-ups, Small Business, and Enterprise companies from different sectors such as Financial Services, Health Care, Energy & Utilities, Software Internet, Education, Retail & Wholesale, and distribution. Since 2019 we have assisted our clients in preparing, evolving, and designing their businesses achieving their business goals utilising the benefits of the cloud.
Partner
Software Secured

Software Secured

Software Secured’s mission is helping companies identify, understand, and solve their security gaps through comprehensive penetration testing so their teams can sleep better at night. Specializing in manual penetration testing, services include: Pentest Essentials: Annual network pentest that meets compliance standards. Pentest 360: Annual web, mobile, and API penetration testing gains assurance that your most sensitive data is secured. Penetration Testing as a Service (PTaaS): Biannual or quarterly pentesting, with free unlimited retesting, security consulting and continuous reporting and certificates. Augmented security services such as secure code review, secure cloud review and developer training. Software Secured’s full time Canadian based hackers possess the highest regarded certifications in the industry, (OSCP, OSEP, GWAPT, GSSP, CEH, AWS Certified Security - Specialty, AWS Certified SysOps Administrator - Associate). Testing methodology is customized to clients’ attack surface and mapped to multiple standards (OWASP Top 10, SANS Top 25, WSTG, ASVS, NIST), scoring is calibrated using DREAD and CVSS and a dashboard to ingest pentest results and manage remediation avoids friction across busy technical teams. Join us in our vision of making software safer.
Partner
PCI Consulting Australia

PCI Consulting Australia

PCI Consulting Australia is a Melbourne, Sydney and Brisbane based specialist firm dedicated to assisting businesses adhere to the Payment Card Industry Data Security Standard (PCI DSS) requirements. Our experienced team provide pragmatic, common sense consulting solutions to fit budget, operational and compliance requirements of the Payment Card Industry. Our two primary services are PCI DSS assessment and advisory services; and penetration testing. We maintain two separate teams with skillsets to match. Our penetration team can offer testing more broadly than just PCI DSS testing.
Partner
Eden Data

Eden Data

Drata's Partner of the Year (2023)! If you're a cloud-based company, managing security/compliance can be a big ole burden! From managing audit periods to documenting monotonous policies or even just filling out those pesky Security Questionnaires, it's no wonder companies rather hide from cybersecurity initiatives instead of embracing them! Thankfully, you don't have to kick this can down the road any longer with Eden Data by your side. We offer scalable security, compliance and data privacy services for any obstacle that customers, regulators, or Putin himself throw at you! Whether you need someone to build a security strategy and lead the program or simply need support to pass an upcoming audit, we've got you covered. TL;DR Value Propositions • 1-stop shop for security/compliance management • We're in your (Slack) DM's, accessible any time • Crazy good at project management • We are on subscription, and typically less than a full time employee • We have WAY more experience collectively than an FTE can offer, so we can replace or support FTE security pros! We can help with all sorts of things, but here are a few things we've helped real(ly cool) Drata customers with: • SOC 2/ISO 27001/HIPAA/GDPR Readiness: we build your entire compliance program within Drata, no matter what stage. From policies and controls to vendor management program and making changes in your cloud environment, let us take you from zero to 'Here's A Flawless Report Mrs. Customer' in just a few months! • Cloud Security Maturity: we've got security nerds on the team with deep experience in building and automating security processes into AWS and GCP. We can work directly with your engineers to secure your environment, align with various compliance standards, or create better efficiencies. We even have some proprietary and third party tools to offer monitoring solutions around your entire infrastructure (in addition to what Drata helps monitor for)! • Data Privacy as a Service: with data privacy laws popping up in most countries around the world, Eden Data can serve as your Data Privacy Officer and establish a robust privacy program based on the service(s) you provide. We can conduct privacy assessments, transfer assessments, gap assessments, oh me oh my! We Aren't Mad At Traditional Cyber Firms, Just Disappointed To put it simply: Eden Data is just built different. Our team consists of former Big 4 and US military auditors/cyber specialists. You have access to a team, not just an individual!
Partner
Hunter Orbit

Hunter Orbit

Hunter Orbit are Newcastle's only locally owned and operated AWS consulting partner. We specialise in IT security and IT managed services with expertise in regulatory compliance and Amazon Web Services. Our consultants have decades of experience in the IT industry as well as industry recognised certifications and a body of published research. We have a detailed understanding of the latest security standards and how these apply to different types of organisations. Our experienced consultants can provide you with the right solution to protect your organisation and optimise your IT investment.
Partner
CyberNinja Consulting Pty Ltd

CyberNinja Consulting Pty Ltd

CyberNinja Consulting, your trusted partner in Cybersecurity, Governance and Compliance with over 15 years of industry expertise. Specialising in CyberSecurity Gap Analysis, ISO27001 audit preparation, and IT Risk Management. Our team of experienced professionals has extensive knowledge and a proven track record in the industry, making us a trusted partner for companies looking to secure their digital assets. Our commitment to staying ahead of the latest threats and technologies has earned us a reputation as a leader in the field. At CyberNinja, we believe in a personalised approach to cybersecurity. Our services are tailored to meet the unique needs of each of our clients, ensuring that their digital environment is protected from all angles. We are proud to have served businesses of all sizes across a variety of industries, and our long-standing relationships with our clients speak to the quality of our services. With CyberNinja as your first line of defence, you can rest assured that your digital assets are in good hands. Our goal is to provide peace of mind so you can focus on growing your business with confidence. Services Offered: ISO/IEC 27001 Implementation and Audit Preparation At CyberNinja, our ISO/IEC 27001 Implementation and Audit Preparation service is comprehensive and detailed. We start by evaluating your current information security management system (ISMS) against ISO/IEC 27001 standards. CyberSecurity Gap Analysis Delve into comprehensive security insights with CyberNinja's CyberSecurity Gap Analysis service. Our rigorous approach evaluates every facet of your security posture. We meticulously analyse your IT infrastructure, scrutinising systems, processes, and policies. Security Manager as a Service (SMaaS) Security Manager as a Service (SMaaS)" is a tailored offering where CyberNinja provides comprehensive, ongoing security management for your business. SMaaS by CyberNinja is ideal for organisations seeking expert security management without the need for a full-time in-house security manager.
Partner
IdentityXP

IdentityXP

IdentityXP is an Australian Identity & Access Management (IAM) focussed consultancy and technology provider. Our team delivers all services from strategy and architecture through to implementation for all types of identity projects be they customer identity, workforce identity, citizen identity or privileged access - all with a focus on maximising the User's experience. We are a Gold Silverfort partner, Yubico partner and Microsoft partner. The team are exceptionally experienced, delivering projects with a wide range of identity technologies including Microsoft Azure AD, Azure B2C, Azure PIM, as well as others such as Okta, SailPoint and Auth0. Migrating off legacy IAM products like CA SiteMinder and Oracle Access Manager is one of our sweet spots. Products and Services - Identity & Access management consulting, strategy, architecture and implementation - Workforce, Customer, System and Partner Identity - Our products include: Okta, Microsoft Identity products such as Active Directory, Azure Active Directory, Azure Privileged Access Management, Multi factor authentication with Yubico Yubikeys, 1password password vault and Multi factor authentication for Active Directory with Silverfort
Partner
Jones IT

Jones IT

Jones IT is the largest and highest-rated IT firm in the San Francisco Bay Area. We specialize in providing IT services for fast-moving companies and we're the only MSP that's worked with over 250 venture-backed startups. We achieved our SOC 2 Type 2 with Drata and we can help your company do the same.
Partner
ARANKISH Group Pty Ltd

ARANKISH Group Pty Ltd

ARANKISH Group is a renowned and leading cyber security services provider that specialises in delivering comprehensive solutions to protect businesses and organisations from the growing cyber security threat landscape; and making them resilient. With a strong focus on advanced technological and industry expertise, ARANKISH Group offers a wide range of services to safeguard sensitive data, intellectual property, and critical infrastructure from cyberattacks. The group is comprised of a team of highly skilled and certified professionals with extensive knowledge and experience in cyber security. The team possess a deep understanding of emerging threats, vulnerabilities, and attack vectors, allowing us to develop proactive strategies and implement robust defences to mitigate risks effectively. ARANKISH Group stands as a trusted cyber security services provider, delivering comprehensive and tailored solutions to protect businesses and organisations from ever-increasing cyber threats. With our expertise and commitment to client success, we serve as a reliable partner in fortifying the security posture of our clients and enabling you to navigate the complex cyber security landscape with confidence.
Partner
Cyber Matters

Cyber Matters

Cyber Matters provides niche services and solutions across cyber strategy, consulting, technology and compliance. Through our innovative security retainers and packages, we go beyond the traditional vCISO and staff augmentation and become our clients' true cybersecurity partners. Our approach focuses on information security outcomes rather than projects and services. Our core capabilities are: • Governance, risk and compliance advisory around ISO 27001, SOC2, PCI-DSS • Penetration testing covering blockchain, web applications, infrastructure and cloud • Social engineering covering phishing and vishing simulations.
Partner
Cythera

Cythera

Cythera is an Australian cyber security company with in-house cyber security professionals providing world-class cyber protection to medium to large companies and businesses all over Australia from the Cythera offices in Melbourne, Brisbane and Sydney. Cyber attacks, data breaches, and regulatory compliance requirements are just a few examples of the risks that companies must manage. That's where we come in. Our team of experts has years of experience helping businesses identify and mitigate technology risks. Our expert team understand that navigating the complex landscape of technology risk and compliance can be overwhelming for businesses of all sizes. That's why we're here to help. Our experienced professionals provides tailored solutions to meet your specific needs, including gap analysis and capability remediation for ISO 27001 or SOC2 Type 2 certification. At Cythera, we understand that compliance requirements can be time-consuming and complex which is why we offer managed services to help you navigate the compliance process. Take advantage of ongoing support to ensure that your business stays compliant with the latest regulations that frees you up to focus on your core business activities. Our team of professionals will work with you every step of the way to ensure that you achieve the certifications you need to stay competitive in today's fast-paced business environment.
Partner
Torch by Project IO

Torch by Project IO

Torch helps teams measure their impact beyond compliance standards. Gain deep insights into your organisations' social impact and fine-tune your strategic approach using our powerful platform. Our team have decades of experience measuring impact for some of the world's largest international development donors and are now focused on using that experience to help impact-focused private organisations and social enterprises achieve even greater impact. We believe that all organisations can be a vehicle for greater social and economic change. Get in touch with us to find out how we can help improve your organisations social impact.
Partner
Sentaris

Sentaris

Sentaris is a security services provider specialising in assurance and response services. Founded in 2015 to address a gap in the market, we have grown from strength to strength due to the trust in our brand. This is demonstrated by our achievement of placing in the CRN Top 50 - fastest growing IT companies in 2019. Our desire to strive for excellence is evident outside of technical certifications and associations such as our CREST membership. We also want to ensure our company makes a positive impact across our employees, customers, suppliers, community and the environment by working towards B-Corporation certification. Today, Sentaris has employees spanning across Melbourne and Sydney who service all Australian states as well as international customers. Responding to the needs of our customers as well as the specialisation of our staff, Sentaris now provides a much more comprehensive suite of Security Services outside of just Penetration Testing. Even though we have a broader service offering, we still maintain our vision of delivering high quality business-focused services.
Partner
Threat Intelligence

Threat Intelligence

Threat Intelligence not only dedicates our world-class cyber security specialists; our modern approach to delivering cyber security services utilizes the world’s first Security Automation Cloud, Evolve - designed and operated by our team. Combining our globally recognized security methodologies with automated security capabilities allows Threat Intelligence to set a continually increasing security baseline across our team and services. Our approach is designed to utilize specialist security automation capabilities to streamline engagements, automate time-intensive activities, deliver greater coverage and increase the quality of our outcomes. This allows our specialist team to focus their expertise on advanced attacks and concepts and spend more time delving deeper into areas of your environment to locate the critical security weaknesses that introduce real risks to your business.
Partner
phew

phew

phew is a well-regarded, boutique cyber security company, providing penetration testing services to a range of customers in New Zealand, Australia and internationally. We are experienced at all types of testing, including websites, web and mobile applications, APIs, SaaS solutions, IP addresses, and networks. Our comprehensive testing approach includes not only using highly skilled and certified testers who follow the latest testing techniques and standards, but also placing emphasis on clear ongoing communication with our customers. Our written testing reports are of a high standard and include detailed feedback on vulnerabilities and recommendations, along with proofs of concepts. We also provide assurance reports for external stakeholders once remediation and re-testing has been completed. As well as single engagements, we offer periodic assessments (for example on a quarterly, six-monthly or annual basis), which provide cost efficiencies, and include optional security assurance services such as phish testing, website badge, port scanning, and IaaS assessments. Have a chat to us today about your requirements and we'd be delighted to provide you with a comprehensive proposal setting out our testing approach, outputs, and pricing options.
Partner
PX Partners

PX Partners

PX Partners are a team of real practitioners who help clients achieve their governance, risk & compliance (GRC) objectives. We have walked in your shoes and understand your realities and the challenges. We bring leading expertise to support clients with pragmatic, sustainable solutions that do not compete with customer experience. Our team has actual experience working in GRC roles with organisations of all sizes. We have led risk and compliance functions, supported management and boards, and fulfilled statutory roles. With PX Partners you can expect leading expertise, progressive transparency and pervasive rigour in everything we do. GOVERNANCE • Board advice on risk management strategy • Board reporting and management information • Board evaluations • Due diligence • Culture and conduct reviews • Board and Committee membership • Company Secretarial and Board administration RISK FRAMEWORK • Risk management strategies and risk appetite statements • Obligation and control mapping • Risk and control self-assessments • Key Risk Indicators • Risk management systems • Assurance activities and controls assurance • Thematic reviews and deep dives • Incident and issue framework COMPLIANCE • Licensing applications • Compliance plans • Compliance monitoring • Policy development • Internal dispute resolution • Distribution compliance • Regulatory change • Customer conversation design • Product governance • Breach reporting and regulatory responses • Regulatory filings and notifications FINANCIAL CRIME • Independent review to meet requirements of AML/CTF Act • Program and policy development • AML/CTF Officer • Risk assessments • Client on-boarding solutions • Transaction monitoring framework design • AUSTRAC reporting and responses
Partner
PolarSeven

PolarSeven

PolarSeven helps clients take advantage of the opportunities Cloud has to offer to create successful and sustainable business outcomes. We use our technical capabilities and experience to help organisations adopt, modernise and thrive in the Cloud. With our collaborative approach, we focus on long-term relationships and sustainable business outcomes. Capabilities include: Cloud Migration, Managed Cloud, Remote Working, DevOps and Automation, Microsoft Workloads, Well Architected Framework Review and Cloud Consultancy Projects.
Partner
Readiitel

Readiitel

Readiitel is an IT solutions and Managed Services Provider delivering outstanding business IT, Cloud, and communications solutions to small and mid-market businesses.
Partner
Resilient IT

Resilient IT

Based in Auckland, New Zealand, Resilient IT specialises in business continuity (ISO22301) and information security management (ISO27001) consulting and training, helping protect New Zealand businesses from disruptive and damaging incidents before, during, and after they occur. Our strong history in business continuity, information security, disaster recovery, solutions architecture, infrastructure, networking, and managed solutions has been developed through involvement in a wide range of industry sectors with some of New Zealand’s largest enterprises and most innovative businesses.
Powered by PartnerPage