Cybersecurity Office

Web Penetration Testing

Prevent common cyberattacks with Offensive Security (also known as penetration testing or a pentest) by testing your internal and external websites, platforms and APIs against our rigours testing regime. Performing annual pentesting helps to raise the security of your digital environments from an ever-changing list of threats, and helps to meet regulatory requirements that involve standards like PCI DSS, FISMA, ISO, MARS-E, HIPAA, Sarbanes-Oxley.

Why Choose Cybercraft?

Many organisations talk about cyber risk and cyber risk management. However, not many organisations demonstrate an understanding or commitment to information security and the core principles at both governance and management levels.

For clients determining the right cyber risk partner, these can become primary differentiators between organisations delivering cyber related services. Clients need the confidence that their cyber partners walk the walk, not just talk and talk.

  • Rigorous Testing

    Cybercraft undertakes a rigorous testing process for web application penetration testing

  • Automated Scanning

    We use a controlled execution of automated tools to identify vulnerabilities that are presented to each user persona (Unauthenticated, Authenticated and Administrator).

  • Manual Exploitation

    Manual exploitation of vulnerabilities will be undertaken (penetration testing) to provide evidence of the risk of a data breach or privacy breach.

  • Vulnerability Reporting

    Cybercraft will then provide a report that outlines the testing results with categorised risks and provides a detailed summary of cybersecurity vulnerabilities and exploits for each target.

What people say about us

Cybercraft’s knowledge and passion for improving our cyberrisk management were clear from day one; throughout the engagement, they tookthe time to understand our business, work within our budgets and provide theexpert help we need to achieve best practice in our business.

Gilbert McKinnon

Chief Financial Officer, Hunter Retail

Cyber risk management is a must for all businesses.
They help you get started.
Well worth while having a conversation!

James Mann

Business Manager, Energy Solution Providers

Well worth the time.
Great to work with for managing and understanding cyber risk management.

Alix Coutts

Systems Manager, Anthony Harper

With the growing importance of cyber security and the every increasing threat of cyber risks in our present-day time, we (Flume) were eager to work with a company that were not only specialists in cyber security but could help guide us in understanding the importance of cyber resilience and how that needs to be built into your business culture.  
When we met with Cybercraft, we knew they were the team to help us with this because they were both knowledgeable and capable on this area. We decided to engage with their Insight Assessment services which gave us an insight into the areas of our business that were at risk, from an executive level to an operations level. 


Nathan Hauraki, Studio Manager

“We recently engaged in an Incident Response Readiness Audit (IRRA) with Cybercraft and have been thrilled with the results.  As a Healthcare provider we needed to understand our gaps and the team at Cybercraft have been able to provide us with a clear understanding of these.  

Throughout the IRRA they worked with professionalism and expertise and their proactive, friendly approach has given us the confidence that we can ensure our sensitive data and assets are on the way to being better protected.  We would highly recommend Cybercraft to other organizations seeking top-notch cyber security solutions”.

Nicola Mills

General Manager, Sleep & Breathing (NZ) Limited

Get your cyber resilience needs analysed today

Other services
in Cyber Resilience

Fractional Chief Information Security Officer

This is assisting organisations with creating a risk management framework that will assist in helping the organisation create better detection on potential cyber-attacks and to become more cyber resilient.

Learn more >

ISO 27001 Implementation

This is implementing the information security standard internationally recognised and independently audited which provides a statement of assurance that an organisation is fully committed to protecting information and have established the appropriate practices to support this.

Learn more >

Cyberfit Insights Assessment

This is based on lead indicators to identify cyber risks within the organisation for Executive and Directors to understand risks and prioritise further cyber risks and initiatives.

Learn more >

Cyber Risk Assessment

This is a comprehensive assessment providing a clear statement of cyber risk to the Board and the executive to determine risk appetite and prioritisation of remediation and funding.

Learn more >