Need help?

News and updates

Learn more >

SharpC2 in the real world

Introduction to SharpC2 SharpC2 is an open-source (.NET based) command-and-control framework developed by RastaMouse. The main component of SharpC2 is the TeamServer (and related .NET

Read More »

Hey nice business!

Hey, nice business! Lack of awareness has led some organisations to believe that ransomware and extortion attacks are uncommon and that the perceived level of

Read More »

OUR CYBER SERVICES

ISO 27001 consulting

Practical and experienced Australian ISO 27001 and ISMS consulting services. We will help you to establish, implement and maintain an effective information security management system (ISMS).

Learn more>

Penetration tests

DotSec’s penetration tests are conducted by experienced, Australian testers who understand real-world attacks and secure-system development. Clear, actionable recommendations, every time.

Learn more>

PCI DSS

dotSec stands out among other PCI DSS companies in Australia: We are not only a PCI QSA company, we are a PCI DSS-compliant service provider so we have first-hand compliance experience.

Learn more>

WAF and app-sec

Web Application Firewalls (WAFs) are critical for protecting web applications and services, by inspecting and filtering out malicious requests before they reach your web servers

Learn more>

Identity management

Multi-Factor Authentication (MFA) and Single Sign-On (SSO) reduce password risks, simplify access, letting verified and authorised users reach sensitive systems, services and apps.

Learn more>

Vulnerability management

dotSec provides comprehensive vulnerability management services. And we analyse findings in the context of your specific environment, priorities and threat landscape.

Learn more>

Phishing and soc eng

We don’t just test whether users will click a suspicious link — we also run exercises, simulating phishing attacks that are capable of bypassing multi-factor authentication (MFA) protections.

Learn more>

Penetration testing

DotSec’s penetration testing services help you identify and reduce technical security risks across your applications, cloud services and internal networks. Clear, actionable recommendations, every time!

Learn more>

Managed SOC/SIEM

dotSec has provided Australian managed SOC, SIEM and EDR services for 15 years. PCI DSS-compliant and ISO 27001-certified. Advanced log analytics, threat detection and expert investigation services.

Learn more>

Secure configuration

We provide prioritised, practical guidance on how to implement secure configurations properly. Choose from automated deployment via Intune for Windows, Ansible for Linux or Cloud Formation for AWS.

Learn more>

Secure cloud hosting

Secure web hosting is fundamental to protecting online assets and customer data. We have over a decade of AWS experience providing highly secure, scalable, and reliable cloud infrastructure.

Learn more>

Essential eight

DotSec helps organisations to benefit from the ACSC Essential Eight by assessing maturity levels, applying practical security controls, assessing compliance, and  improving resilience against attacks.

Learn more>

Advisory services

We have over 25 years of cyber security experience, providing practical risk-based guidance, advisory and CISO services to a wide range of public and private organisations across Australia.

Learn more>

LET US KNOW HOW WE CAN HELP

If your organisation needs reliable penetration testing, meaningful SIEM/MDR services or practical GRC support, DotSec delivers. Our team combines senior engineering capability with ISO 27001 and PCI DSS expertise to provide clear, actionable outcomes backed by more than 25 years of proven experience.

Let's get started! >