SECURING AUSTRALIA'S
DIGITAL FUTURE
SOVEREIGN CYBER SECURITY EXPERTISE
Malware Security (MalSec) is dedicated to maintaining a team of passionate, capable, and experienced cyber security experts.
As an active member of the Defence Industry Security Program (DISP), MalSec supports complex security engagements across Australian Government, Defence, critical infrastructure, and national intelligence community (NIC) clients.
Our team’s personal and professional obsessions with cyber security drive us to stay at the forefront of emerging threats, technologies, and techniques. As a result, our clients receive contemporary, context-aware guidance from specialist, AGSVA-cleared practitioners who live and breathe security.
OUR SERVICES
Penetration Testing
Offensive security is our specialty. We conduct intensive assessments of cloud, hybrid, and on-premises environments to identify exploitable vulnerabilities and deliver actionable remediation advice...
IRAP Assessments
IRAP assessments are required for systems that process, store, or transfer Australian Government data. Our IRAP assessors complete independent reviews against the ISM, preparing systems for an Authority to Operate (AtO)...
Security Architecture
We evaluate existing architectures and design new solutions aligned with Australian Government frameworks and operational requirements. Our assessments cover system segregation, trust boundaries, encryption...
Distributed Denial of Service (DDoS) Testing
DDoS attacks can cripple your online operations. We perform DDoS simulations against network, transport, and application layers to measure your detection, mitigation, and recovery performance under realistic attack conditions...
AI Security Assessments & Advisory
Securing non-deterministic systems requires an intimate understanding of both AI/ML and cyber system fundamentals. We perform system threat modelling, technical assessments, and security architecture advisory...
Essential 8 Assessments & Uplift
The Essential Eight maturity model is a baseline set of controls for reducing cyber risk. We assess your current maturity, identify gaps, and deliver practical, organisation-specific uplift plans...
Red-Team Engagements
Physical, cyber, and human domains all form your organisation’s real-world attack surface. Our red team simulates sophisticated adversary tactics to evaluate detection, escalation, and response capabilities ...
Cyber Hygiene Scanning
Your internet-facing systems are constantly exposed to opportunistic and targeted attacks. We monitor your digital footprint for misconfigurations, exposed assets, and emerging vulnerabilities to give your team early warning...
Secure Code Reviews
We perform deep source code reviews using a hybrid manual and automated approach to detect security flaws in critical systems and services, before release or as part of ongoing assurance activities...
STRATEGIC PARTNERS
OUR DIFFERENCE
Knowledge Transfer & Value For Money
We believe that service engagements and capability augmentation should never leave a skills vacuum behind. Knowledge transfer and capability uplift are central to how we operate. Whether through service engagements or embedded roles, our people actively support internal uplift programs, mentor in-house teams, and drive long-term security improvement, delivering lasting value-for-money.
Experts in the Australian Context
We’re uniquely embedded in the Australian information security and compliance ecosystem. Our personnel have not only applied and implemented key government frameworks, but have also contributed to their development through placements within the agencies that authored them.
Community, Growth & Contribution
Outside of work, our team stays engaged with the broader information security community - developing open-source tools, conducting vulnerability research, supporting community initiatives, and contributing thought leadership in emerging security sub-fields.
