news & events

A happy and secure 2012 to all from Aura

16 January 2012

Happy New 2012 from Aura Information Security! At Aura we're really excited about the year ahead - we are beginning some new nationwide and global cyber security initiatives that aim to make New Zealand (and overseas) organisations much more secure online. So watch this space for new and exciting developments!

---

 

Some Safe and Sound Advice from Aura Information Security this Christmas

20 December 2011

Aura Information Security would like to wish everyone a safe and information secure Christmas and New Year holiday this year, and offers this fun yet important message for everyone to consider:

---

 

Simple Cyber Security should be Child's Play says Aura

14 December 2011

Aura Information Security has released a series of videos to illustrate that basic cyber security can be so simple that even kids can "get it". Aura worked with Room 7 of Te Horo school to produce the videos which was not only a lot of fun for the children, but an important learning experience as well. Although the videos are aimed at adults and organisations, Aura's Managing Director Andy Prow has also been travelling to select schools to talk about the importance of basic personal online security in an engaging and fun way, yet with an underlying serious message. "Many kids are simply too trusting when it comes to the Internet. The irony is that they are often more knowledgable about computer systems and new online trends than their parents. We teach them to be a little more weary of what and who is online and not to accept everything at face value. And as it happens, the exact same message also holds true for adults and companies". You can watch the first video in the series, Kids on Social Networking, below.

---

 

Aura climbs up the Deloitte Asia Pacific Fast 500 and is acknowledged again at the Electra Business Awards

2 December 2012

On top of Aura's recent success in the 2011 Deloitte New Zealand Fast 50, where it was awarded the fastest growing technology company in Wellington and the lower north island, Aura was also placed as 269th at the 2011 Deloitte Asia Pacific Fast 500 Business Awards. This represents continued positive growth from last year's position of 284th fastest growing company in the entire Asia Pacific Region. Aura was also presented with a Past Masters Award at the 2011 Electra Business Awards in November this year, in recognition of Aura's previous title of Business of the Year award and its continued and sustained growth.

---

Aura's Incidence Response Service allows for compromised organisations in New Zealand to receive top priority

28 November 2011

After a number of recent high profile cyber attacks in New Zealand, Aura would like to remind New Zealand organisations about its Incidence Response Service, which provides immediate and priortised support and consulting to organisations affected by a serious cyber attack. This service includes assessment of the exploit, priority vulnerability remediation, and advisement on both media response and evidence preservation for later forensic analysis. Aura has a wealth of experience working with companies who have had core systems compromised and Managing Director Andy Prow says that Aura's Incident Response Service allows these companies to have fast resolution which can reduce downtime, contain the damage and minimise any further risk to the customer. Also, for organisations that haven't been compromised, Aura offers incident response plan development as a pre-emptive strategy to ensure that - should the worst happen - customers have contingency measures in place to mitigate damage. If your company has had a serious cyber attack, phone Aura as soon as possible on 04 894 3755.

---

Are kiwis too trusting?

25 November 2011

Aura's Managing Director Andy Prow postulates that New Zealanders' trusting nature could have serious implications for the organisations that they work for in this week's New Zealand Computer Society newsletter.

---

 

Aura wins at the Deloitte Fast 50

9 November 2011

Aura Information Security is extremely proud to announce that it has won a Deloitte Fast 50 award for the fastest growing technology business in Wellington and the Lower North Island. Overall this places Aura as the 37th fastest growing company in New Zealand. Managing Director Andy Prow says he is "very proud of this accomplishment and it reflects Aura's committment to protecting its customers as well as promoting information security to all New Zealand businesses".

---

Aura at Kiwicon V

7 November 2011

Kiwicon V was held on 4-6 November in Wellington. This year's event had a large turnout of 600 and included a wide range of technical and political talks from many expert speakers. Aura's Mike Haworth and Aura associate Kirk Jackson spoke about issues where the boundary between web apps and native apps gets blurry. Click here for the slides to the talk.

---

 

Aura receives a mention in the EDANZ Annual report

31 October 2011

Click here to read the article in the Economic Development Agencies of New Zealand Innovation Through Collaboration 2011 Annual Report.

---

 

Aura RedEye wins second place at the Australia and New Zealand Internet Awards

10 October 2011

Aura is proud to announce that its RedEye vulnerability scanning managed service has won 2nd place (highly commended) at the 2011 Australia and New Zealand Internet Awards (ANZIA) in the security and privacy category. Owners Andy and Diane Prow were very pleased to accept the award in person at a ceremony held in Melbourne.

---

 

Aura's Graeme Neilson is presenting at H2HC in São Paulo, Brazil October 29-30, 2011

9 September 2011

Aura Information Security is pleased to announce that Graeme Neilson has been selected to talk at the Hackers to Hackers Conference (H2HC) in São Paulo, Brazil where he will be presenting the topic "Welcome to RootKit Country v2". With training and lectures presented by respected members of the corporate world, research groups and underground community, the H2HC promises to demonstrate techniques that have never been seen or discussed with the public before. As well as sharing information, the corporate knowledge that Aura will gain at the conference is part of its commitment to research in information security, which ensures that it is at the forefront of what's happening in the industry.

---

 

Hack·Ed: Boost your defences!

25 August 2011

Andy Prow and Kirk Jackson presented at Tech·Ed NZ 2011 - the largest tech conference in New Zealand. They have compiled a "Cheat Sheet" of defenses for the common web risks for ASP.NET, MVC and SharePoint developers. You can download the PDF here.

---

 

Get a Head(er) in Web Security

14 July 2011

Today Kirk Jackson presented at the inaugural WDCNZ Web Developer Conference in Wellington, organised by Xero. Kirk's talk looked at new browser features to help secure web applications, in particular the support for HTTP headers to help prevent cross-site scripting, man-in-the-middle attacks and more. You can download a PDF of his whitepaper on File Upload Considerations here.

---

 

New Zealand Security Information Forum (NZSIF) breakfast talk

14 July 2011

Today, at the NZSIF monthly breakfast at the University of Auckland School of Business, Scott Fletcher talked about the Secure Development LIfe Cycle and how organisations can save themselves many long-term problems by being proactive about security and ensuring that it is "baked in" at every level of the development cycle. You can download his presentation here.

---

 

Aura @ OWASP

7 July 2011

Aura's Kirk Jackson presented at OWASP New Zealand Day 2011 on File Upload Considerations. You can download his presentation here. Scott Fletcher wass also at OWASP presenting an entertaining training module entitled "The CodeFather" but if you missed this session don't worry, we're repeating this event both publicly and as bookable events in Auckland, Wellington and Christchurch. Just email us to register your interest.

---

 

Gary Hinson of ISECT presents on behalf of Aura at the CIO Summit

27 June 2011

Gary Hinson, Chief Executive Officer of ISECT Ltd presented "Taking Information Security to the Executive Team" at the annual CIO Summit. You can download his presentation here.

---

 

Aura sponsoring CIO Summit, 27-28 June

1 June 2011

Aura Information Security is pleased to announced that it is a Platinum Sponsor of this year's CIO Summit at the SKYCITY Convention Centre, Auckland. This year Gary Hinson, Chief Executive Officer of ISECT Ltd will be presenting "Taking Information Security to the Executive Team". This presentation proposes that Information Security should be the responsiblity of the whole company, starting with the Executive team. The session will cover the real risks all organisations face today and how the solutions are a balance of technology and organisational awareness and behaviour. Click here to register for the CIO Summit.

---

Cloud Security Policies Presentation at Cloud Security Summit

24 May 2011

Andy Prow gave a presentation at the Cloud Security Summit on what's happening in the Cloud Infrastructure as a Service (IaaS) space, including the pros and cons of using a Cloud provider and the security implications and risks. He also explained how to mitigate these risks by implementing specific cloud security policies. You can access the presentation here.

---

Aura and Endace launch RedEye RealTime in Vegas

12 May 2011

Aura Information Security and Endace Ltd, the high-speed, lossless packet capture experts, announced their new partnership to the world stage at Interop Vegas, one of the world's largest business technology events.

This new partnership centers around RedEye RealTime which is the merger of the Aura RedEye Vulnerability Scanner and the Endace Probe, a product that allows enterprises to combine vulnerability scanning with full historical packet retrieval. RedEye RealTime allows companies, once a vulnerability has been identified, to be able to reliably and accurately ascertain whether that vulnerability has been exploited and if so, what exactly has been compromised or stolen from a company's network. Andy Prow, Managing Director of Aura Information Security, says that RedEye RealTime effectively "minimises the gap between risk and impact".

The first commercial trials of RedEye RealTime are expected to begin shortly.

---

Aura is New Zealand's first and only PCI Approved Scanning Vendor!

15 April 2011

Aura Information Security is very proud to announce that it is now the first and only New Zealand company to become an Approved Scanning Vendor of the PCI (Payment Cards Industry) Security Standards Council.

As a PCI ASV, Aura is authorised to validate certain DSS requirements by performing vulnerability scans of companies' Internet facing environments. The criteria to become a PCI ASV is very strict and only a handful of companies in the entire Asia Pacific region (including India) have become certified by the PCI Security Standards Council.

By combining their certified Information Security expertise with their daily vulnerability scanner RedEye, Aura can now ensure that their customers are guaranteed to comply with PCI standards every day. A PCI Qualified Security Assessor (QSA) tends to conduct audits yearly or quarterly (at best) and because customers' networks are always being changed or new vulnerabilities are constantly being discovered, this security strategy is comparatively limited in its effectiveness.

Also, by providing vulnerability scanning and Information Security services locally, Aura can now offer New Zealand companies much more responsive and relevant security than if they were to deal with overseas companies to ensure their consistent compliance with the PCI standards.

---

Aura is now a Rapid7 Authorised Reseller

14 April 2011

Aura Information Security is pleased to announce that it is now an authorised reseller of the Rapid7 line of products, including the award-winning and highly-accoladed neXpose vulnerability scanner.

Rapid7 NeXpose, which received the highest rating of “Strong Positive” in Gartner’s Marketscope for Vulnerability Assessment 2010, leverages one of the largest vulnerabilities databases to identify vulnerabilities that represent the greatest threat to organisations.

Says Aura Managing Director Andy Prow: "of all the enteprise-level vulnerability scanners that we evaluated for our own RedEye suite of products, neXpose consistently out-ranked and out-performed the competition. We truly believe it is the best product for organisations requiring on-site vulnerability assessment".

The top three reasons that organisations should swtich to neXpose:

• They reduce their vulnerability management cost of ownership
• They comprehensively fullfil regulatory compliance vulnerability assessment requirements
• They lower their security risk profile
  
  
  

---

WDCNZ Web Security Workshop

06 April 2011

Aura Information Security will be running a half-day web security workshop on Friday 15 July for those wanting expert training the day after WDCNZ. Click here for more.

---

archived news ...