Hero

Security Testing

We distinguish ourselves from commoditised security testing by stubbornly holding onto our founding principle of delivering the highest quality and on-going capability uplift. We help organisations fortify their products against cyber threats using a code-assisted and threat driven security testing approach.

coverage

Aligning with Industry Standards

Our testing methodologies are baselined against industry testing standards such as OWASP Application Security Verification Standard (ASVS), MITRE Common Weaknesses and Exposure (CWE), and MITRE ATT&CK.

Coverage across the technology stack

Web Applications
Web Applications
Mobile Applications
Mobile Applications
Native Applications
Native Applications
Cloud Infrastructure
Cloud Infrastructure
Embedded and IoT
Embedded and IoT
Backend Services
Backend Services






approach

Modern testing approaches to meet evolving threats

Over the years product security practices have steadily evolved. Through many years of experience, we understand that you may be at varying stage of security maturity and can meet you where we are.

We distinguish ourselves from commoditised security testing services by also performing highly bespoke and thorough security testing. Our security testing projects are carefully tailored to meet requirements and provide tangible outcomes.

We take a systematic approach by dissecting the architecture of the product, consider its unique threat model, then combine offensive research and security engineering skill-sets to simulate likely threat scenarios, carefully assess attack surfaces, and fortify products in a pragmatic manner.

Outcomes

Deliverables

Our customers perform security testing to reduce any security risks that may be introduced by newly acquired or updated software and hardware. Our security assessments will deliver top-tier quality service that works alongside you to get your desired outcomes.

Decades of experience and thousands of security tests later, we are able to remove the unknowns from your environment by pinpointing the exact line of code or configuration where vulnerabilities are introduced.

Icon Tailored security testing informed by collaborative threat modelling
Icon On-going and timely professional communication
Icon Technical documentation of tests conducted
Icon Detailed technical description of contextualise security vulnerabilities
Icon Proof of concept instructions and code snippets
Icon Executive presentation of security assessment

Testimonials

Working together with Elttam helped us have confidence in the security of our infrastructure and areas of our application we wanted to focus on. The team was very communicative and we worked well together towards improving the security of our platform.

CTO, Assetnote

Buildkite’s products are used by the most successful companies in the world. Using our products requires a deep understanding of DevOps paradigms such as CI/CD. When it comes to testing the security of our products and our platform, we continuously rely on Elttam’s technical expertise and professionalism to identify real threats and to communicate to our customers our commitment to Security.

VP, Security, Buildkite

Working with Elttam was a fantastic experience for us. The level of support is absolutely white-glove. Any questions we had were responded to in a super timely manner, and the penetration test report was professional, easy to understand, and comprehensive. The skill of the pen-testers were also great, and they clearly know what they’re doing. Fluency will be using Elttam for the foreseeable future, and would highly recommend anyone else to as well.

Co-Founder, Fluency

Extremely impressed with both the quality of the investigation and the comprehensive-ness (if that’s a word) of the report, elttam caught a few things we were already aware of, but even more we were not, they kept us up to date the whole way, nice work!

Head of Security, Headsafe

Back in 2020, when we were looking to engage a company, Elttam stood out above all the others. Professional with a no-bullshit approach. Really feel that Elttam is part of the wider team here, when we work together.

Security Engineer, Cliniko (Red Guava)

It is evident to us that the team at elttam has significant experience and skills to deliver comprehensive security assessments. Over the years we’ve collaborated with elttam, we’ve found them to be extremely knowledgeable, professional, and easy to work with.

CEO, Retrospect Labs

Choosing the right vendor for penetration testing is essential because you need a team that understands threats and tactics, has strong integrity, and can adapt their approach to fit your business needs, with clear communication throughout. Elttam proved to be an excellent choice for Seer Medical. They are experienced professionals who can tailor their testing solutions to our requirements. We consider them a trusted partner and would not hesitate to work with them again in the future.

CISO, Seer Medical

We chose Elttam over several other firms due to their local presence, technical expertise, professionalism, and results-oriented approach. Their meticulous planning and scoping process ensured a Statement of Work that perfectly aligned with our needs, with a timeline that exceeded our requirements. In a crowded market, Elttam stands out. We highly recommend them for any Australian organisations seeking local security assessment talent operating at a global caliber. We’re lucky to call them a partner.

CTO, Stake