News & Events
Aura RedEye win the Electra Business of the Year for 2013!11 November 2013
Aura RedEye Security Ltd is very proud to have been named the Electra Business of the Year 2013, also winning the Medium / Large business excellence category. This is huge for us as the overall excellence award not only recognizes the innovative services we offer but really scrutinizes how we plan, run and operate the business. This award is a huge "well done" to the whole team!
Aura would like to welcome and introduce Jonathon Berry to the VSO team.9 October 2013
Aura would like to welcome Jonathon Berry as the Principal Security Consultant within the Virtual Security Consulting (VSO) team. Jonathon will be leading this team and provides a wealth of knowledge and experience in both the government sector and critical infrastructure having worked for over a decade in the GCSB, specifically within the CCIP and its successor, the NCSC.
Aura RedEye have won the AUT business awards5 September 2013
Aura Redeye Security Limited are very proud to have won the AUT Excellence in Business Support Awards 2013 (<5M Technology). These awards recognise companies that support the industry, which is exactly what we aim to do by keeping their systems secure. Winning the award shows how far both our RedEye and RedShield services have grown as a direct result of the huge effort and skills of our epic development and support teams!
Looking for a career in Information Security with Aura Information Security?23 May 2013
Aura is seeking highly motivated individuals to join our growing teams based in NZ and Australia. If you thrive working in a flexible dynamic team environment, find out how to join us here.
Aura RedEye Finalists in the Wellington Gold Awards and the AUT Business Awards15 May 2013
Aura Redeye Security Limited for the second year running is proud to be announced as finalist in the prestigious AUT Business Awards and the Wellington Gold Awards under the Cyber Gold Category. Showcasing the RedEye’s Vulnerability Scanning, Shielding and Attacking Managed Services, helping to protect and prepare companies around the world against security threats.
Aura expands to Melbourne, Australia1 April 2013
Aura is excited to announce the continued growth and expansion of our consulting services across the ditch to Australia. This move reinforces our ongoing commitment to providing exceptional service to new and existing clients within Australasia.
Aura's Third Year in Deloitte Technology Fast 500 Asia Pacific6 December 2012
Aura is pleased to have been listed again in the Deloitte Technology Fast 500 Asia Pacific 2012 this year. This marks the third year that Aura has made the list which is a ranking of the region's 500 fastest growing technology companies, based on percentage revenue growth over three years.
Aura at Kiwicon 619 November 2012
Aura brought two talks to Kiwicon 6 this year: Graeme Neilson and Shingirayi Padya presented "Attacking Audio One Time Passwords at 1100Hz" and Mike Haworth presented "Demonic Possession of Browsers. BeEF Issue #666". Shingi also received the award for best newcomer. Kiwicon is New Zealand's biggest security event and this year it had a record attendance of approximately 760 people.
RedEye wins at the Electra Business Awards12 October 2012
Having won awards in 2010 and 2011, Aura Information Security is no stranger to the Electra Business Awards. This year, Aura's wholly owned subsidiary Aura RedEye Security Limited also won the New Thinking and Emerging Business of the Year awards. With offices now in Wellington and Auckland serving an international market, Aura has substanitally grown since its first office in Te Horo. Despite this, founders Andy and Diane Prow are still active members in the Kapiti Horowhenua business community and were very proud to collect the awards at a dinner to celebrate the region's local business success.
RedShield wins at the Australia New Zealand Internet Awards10 October 2012
Aura RedEye Security Limited is pleased to announced that its RedShield Cyber Defence Managed Service has won first place in the Security and Privacy category at the 2012 Australia & New Zealand Internet Awards (ANZIA). AuraShield provides rapid-response defences to vulnerable websites. There to proudly collect the award in Canberra were founders Andy and Diane Prow. In selecting RedShield as the winner, the judges commented that the service "goes one step further than simply monitoring, reporting and providing advice". They also said that the service "identified an important need and that Aura has shown commendable initiative in filling it".
Graeme Neilson on Tour21 September 2012
Aura's Security Specialist and Lead Researcher Graeme Neilson is presenting at two international infosec conferences again this year. He will be discussing "BlueVoxing: Attacking Audio One Time Passwords" at Day-Con in Dayton, Ohio (9-13 October) and at the Hackers to Hackers Conference in Sao Paulo, Brazil (20-21 October).
Aura Information Security is a Preferred Supplier on the DIA's Web Professional Services Panel12 September 2012
Aura Information Security is very pleased to announce that it is now a member of the government’s Web Professional Services panel, led by the Department of Internal Affairs (DIA). The syndicated procurement panel is intended to give DIA and eligible agencies across all of NZ government a mechanism to quickly identify and engage with preferred suppliers of web professional services where there is a need for expertise that is not available in-house.
Aura will be offering its penetration testing services to participating agencies and this includes website security testing, mobile application security testing, and infrastructure security testing (i.e. the environment in which the application is hosted). Aura is also offering agencies its security consultancy services, which include security design reviews and threat modeling workshops, code reviews and secure web-development training.
Although Aura has many customers across the New Zealand government sector already, being on the Web Professional Services panel gives Aura the opportunity to provide its services to new agencies. It is also expected to greatly assist in reducing the time and cost associated with each agency’s procurement process.
Managing Director Andy Prow also hopes that the panel itself will encourage participating agencies to not only plan for independent penetration testing at the end of a project, but also plan for more pro-active services such a security reviews and training at the front-end as well. Such early reviews ensure that high-level security design flaws are avoided early on, which reduces the need for costly and time-consuming software and infrastructure fixes at a later stage.
Aura a finalist in the 2012 Electra Business Awards16 August 2012
Aura is pleased to announced that it has been named as a finalist in the 2012 Electra Kapiti Horowhenua Business Awards. This is the second year that Aura has been in the finals, having won the Business of the Year in 2010. The winner will be announced at an awards dinner on Friday 12 October.
Aura a finalist in the 2012 ANZIA Awards
14 August 2012
Aura is pleased to announced that it has been named as a finalist in the 2012 Australia and New Zealand Internet Awards (ANZIA) for its RedEye Vulnerability Scanner. This marks the second year that Aura has made the finals; in 2011 it won runner-up in the Security & Privacy category. The 2012 winners will be announced at a gala dinner in Canberra on 10th October, 2012.
Aura receives more funding from MBIE to take RedEye to the next level
30 July 2012
Aura RedEye Security Limited is very pleased to announce that the Ministry of Business, Innovation and Employment (MBIE) has granted Aura extra funding of $270,000 for the development of Aura's RedEye Vulnerability Scanner. The new funding will assist in the development of a new and enhanced online client portal as well as integration with F5 appliances for Aura's RedShield managed service. RedShield combines RedEye vulnerability scans with F5's Web Application Firewall (WAF) to provide near real-time protection against website vulnerabilities. With investment from both MBIE and Aura, the new development will take RedEye to a new level of functionality and innovation. It will also allow Aura to target the world's extremely large and growing market for easier and more effective continuous security through fast vulnerability identification and remediation.
30 July 2012
Scott Fletcher, Aura's Development Manager, has been nominated for Software Developer of the Year at the ITEX
Computerworld Awards, which will be held in Auckland on 8 November 2012. Aura Managing Director Andy Prow says
Scott has been working hard developing the web interface and API for Aura
RedEye and has delivered an impressive quality of work in a very short space of time. Says Prow, "we're
all very proud of the achievements that Scott has made with RedEye and wish him all the best at
16 July 2012
Aura's Managing Director Andy Prow is now a certified Gateway reviewer. The Gateway is an assurance methodology for major New Zealand government investments and is a review process that examines programmes and projects at key decision points in their lifecycle to provide assurance that they can progress successfully to the next stage. See more information about the Gateway here.
Cyber specialist 'teaches good guys bad tricks'
6 July 2012
Chief executives are increasingly interested in training up for the fight against cyber criminals, hackers and disgruntled IT workers, Aura's Managing Director says. See the article on Stuff.co.nz.
Bosses put company data at risk6 July 2012
Bosses bringing their iPads or new smart phones into work can be putting their own companies in danger of costly cyber attacks, says Aura Information Security's Managing Director Andy Prow. See the article on nzherald.co.nz.
25 June 2012
In association with Equinox IT, Aura is pleased to be offering our "Teaching the Good Guys Bad Tricks" secure developer training course in Wellington as an open course on 1 and 2 August. Please contact us for more information and to book.
Aura Information Security is now part of the NZITF
14 June 2012
Aura Information Security is now a proud corporate member of the New Zealand Internet Task Force. The NZITF is a community of security professionals focusing on improving the operational robustness, integrity, and security of the Internet in New Zealand.
Aura RedEye a finalist in the AUT Business Awards
13 June 2012
Aura Information Security is pleased to announce that Aura RedEye has been selected as a finalist in the 2012 AUT Excellence in Business Support Awardsin the Business under $5m turnover – Technology category. We will be attending the awards dinner on 25 October at AUT Business School.
Aura a finalist in the Wellington Gold Awards
17 April 2012
Aura has been selected as a finalist in the Wellington Gold Awards in the 'Discovering Gold' category (recent research & development projects). Managing Director Andy Prow said he was delighted to have been nominated and in the company of other high calibre Wellington businesses. The 2012 Gold Awards will be held on Thursday May 31st at the TSB Bank Arena.
Aura a top five finalist in the GO UK Awards
28 March 2012
Aura Information Security has been selected as one of the top five finalists in the GO UK Awards. The GO UK competition invited New Zealand companies to submit business plans for a chance to win a $30,000 prize package including airfares and professional services to establish themselves in the United Kingdom. Managing Director Andy Prow says that it was an honour to be nominated amongst other high calibre New Zealand businesses.
"Discourse on Implications for Security and Cryptography from Quantum Oddness"19 March 2012
Aura's Graeme Neilson is NOT a quantum physicist or any other kind of physicist … not in this universe anyway. Still, he does think he can help illuminate the subject of quantum computing for other non-physicists in IT and he is attempting to do so at the Troopers12 Conference in Heidelberg, Germany this week where he is a regular speaker.
16 January 2012
Happy New 2012 from Aura Information Security! At Aura we're really excited about the year ahead - we are beginning some new nationwide and global cyber security initiatives that aim to make New Zealand (and overseas) organisations much more secure online. So watch this space for new and exciting developments!
Aura Information Security would like to wish everyone a safe and information secure Christmas and New Year holiday this year, and offers this fun yet important message for everyone to consider:
14 December 2011
Aura Information Security has released a series of videos to illustrate that basic cyber security can be so simple that even kids can "get it". Aura worked with Room 7 of Te Horo school to produce the videos which was not only a lot of fun for the children, but an important learning experience as well. Although the videos are aimed at adults and organisations, Aura's Managing Director Andy Prow has also been travelling to select schools to talk about the importance of basic personal online security in an engaging and fun way, yet with an underlying serious message. "Many kids are simply too trusting when it comes to the Internet. The irony is that they are often more knowledgable about computer systems and new online trends than their parents. We teach them to be a little more weary of what and who is online and not to accept everything at face value. And as it happens, the exact same message also holds true for adults and companies". You can watch the first video in the series, Kids on Social Networking, below.
Aura climbs up the Deloitte Asia Pacific Fast 500 and is acknowledged again at the Electra Business Awards
2 December 2012
On top of Aura's recent success in the 2011 Deloitte New Zealand Fast 50, where it was awarded the fastest growing technology company in Wellington and the lower north island, Aura was also placed as 269th at the 2011 Deloitte Asia Pacific Fast 500 Business Awards. This represents continued positive growth from last year's position of 284th fastest growing company in the entire Asia Pacific Region. Aura was also presented with a Past Masters Award at the 2011 Electra Business Awards in November this year, in recognition of Aura's previous title of Business of the Year award and its continued and sustained growth.
Aura's Incidence Response Service allows for compromised organisations in New Zealand to receive top priority28 November 2011
After a number of recent high profile cyber attacks in New Zealand, Aura would like to remind New Zealand organisations about its Incidence Response Service, which provides immediate and priortised support and consulting to organisations affected by a serious cyber attack. This service includes assessment of the exploit, priority vulnerability remediation, and advisement on both media response and evidence preservation for later forensic analysis. Aura has a wealth of experience working with companies who have had core systems compromised and Managing Director Andy Prow says that Aura's Incident Response Service allows these companies to have fast resolution which can reduce downtime, contain the damage and minimise any further risk to the customer. Also, for organisations that haven't been compromised, Aura offers incident response plan development as a pre-emptive strategy to ensure that - should the worst happen - customers have contingency measures in place to mitigate damage. If your company has had a serious cyber attack, phone Aura as soon as possible on 04 894 3755.
25 November 2011
Aura's Managing Director Andy Prow postulates that New Zealanders' trusting nature could have serious implications for the organisations that they work for in this week's New Zealand Computer Society newsletter.
9 November 2011
Aura Information Security is extremely proud to announce that it has won a Deloitte
Fast 50 award for the fastest growing technology business in Wellington and the Lower North Island. Overall this
places Aura as the 37th fastest growing company in New Zealand. Managing Director Andy Prow says he is "very
proud of this accomplishment and it reflects Aura's committment to protecting its customers as well as promoting
information security to all New Zealand businesses".
7 November 2011
Kiwicon V was held on 4-6 November in Wellington. This year's event had a large turnout of 600 and included a wide range of technical and political talks from many expert speakers. Aura's Mike Haworth and Aura associate Kirk Jackson spoke about issues where the boundary between web apps and native apps gets blurry. Click here for the slides to the talk.
31 October 2011
10 October 2011
Aura is proud to announce that its RedEye vulnerability scanning managed service has won 2nd place (highly commended) at the 2011 Australia and New Zealand Internet Awards (ANZIA) in the security and privacy category. Owners Andy and Diane Prow were very pleased to accept the award in person at a ceremony held in Melbourne.
9 September 2011
Aura Information Security is pleased to announce that Graeme Neilson has been selected to talk at the Hackers to Hackers Conference (H2HC) in São Paulo, Brazil where he will be presenting the topic "Welcome to RootKit Country v2". With training and lectures presented by respected members of the corporate world, research groups and underground community, the H2HC promises to demonstrate techniques that have never been seen or discussed with the public before. As well as sharing information, the corporate knowledge that Aura will gain at the conference is part of its commitment to research in information security, which ensures that it is at the forefront of what's happening in the industry.
25 August 2011
Andy Prow and Kirk Jackson presented at Tech·Ed NZ 2011 - the largest tech conference in New Zealand. They have compiled a "Cheat Sheet" of defenses for the common web risks for ASP.NET, MVC and SharePoint developers. You can download the PDF here.
14 July 2011
Today Kirk Jackson presented at the inaugural WDCNZ Web Developer Conference in Wellington, organised by Xero. Kirk's talk looked at new browser features to help secure web applications, in particular the support for HTTP headers to help prevent cross-site scripting, man-in-the-middle attacks and more. You can download a PDF of his whitepaper on File Upload Considerations here.
14 July 2011
Today, at the NZSIF monthly breakfast at the University of Auckland School of Business, Scott Fletcher talked about the Secure Development LIfe Cycle and how organisations can save themselves many long-term problems by being proactive about security and ensuring that it is "baked in" at every level of the development cycle. You can download his presentation here.
7 July 2011
Aura's Kirk Jackson presented at OWASP New Zealand Day 2011 on File Upload Considerations. You can download his presentation here. Scott Fletcher wass also at OWASP presenting an entertaining training module entitled "The CodeFather" but if you missed this session don't worry, we're repeating this event both publicly and as bookable events in Auckland, Wellington and Christchurch. Just email us to register your interest.
27 June 2011
1 June 2011
Aura Information Security is pleased to announced that it is a Platinum Sponsor of this year's CIO Summit at the SKYCITY Convention Centre, Auckland. This year Gary Hinson, Chief Executive Officer of ISECT Ltd will be presenting "Taking Information Security to the Executive Team". This presentation proposes that Information Security should be the responsiblity of the whole company, starting with the Executive team. The session will cover the real risks all organisations face today and how the solutions are a balance of technology and organisational awareness and behaviour. Click here to register for the CIO Summit.
24 May 2011
Andy Prow gave a presentation at the Cloud Security Summit on what's happening in the Cloud Infrastructure as a Service (IaaS) space, including the pros and cons of using a Cloud provider and the security implications and risks. He also explained how to mitigate these risks by implementing specific cloud security policies. You can access the presentation here.
12 May 2011
Aura Information Security and Endace Ltd, the high-speed, lossless packet capture experts, announced their new partnership to the world stage at Interop Vegas, one of the world's largest business technology events.
This new partnership centers around RedEye RealTime which is the merger of the Aura RedEye Vulnerability Scanner and the Endace Probe, a product that allows enterprises to combine vulnerability scanning with full historical packet retrieval. RedEye RealTime allows companies, once a vulnerability has been identified, to be able to reliably and accurately ascertain whether that vulnerability has been exploited and if so, what exactly has been compromised or stolen from a company's network. Andy Prow, Managing Director of Aura Information Security, says that RedEye RealTime effectively "minimises the gap between risk and impact".
The first commercial trials of RedEye RealTime are expected to begin shortly.
15 April 2011
Aura Information Security is very proud to announce that it is now the first and only New Zealand company to become an Approved Scanning Vendor of the PCI (Payment Cards Industry) Security Standards Council.
As a PCI ASV, Aura is authorised to validate certain DSS requirements by performing vulnerability scans of companies' Internet facing environments. The criteria to become a PCI ASV is very strict and only a handful of companies in the entire Asia Pacific region (including India) have become certified by the PCI Security Standards Council.
By combining their certified Information Security expertise with their daily vulnerability scanner RedEye, Aura can now ensure that their customers are guaranteed to comply with PCI standards every day. A PCI Qualified Security Assessor (QSA) tends to conduct audits yearly or quarterly (at best) and because customers' networks are always being changed or new vulnerabilities are constantly being discovered, this security strategy is comparatively limited in its effectiveness.
Also, by providing vulnerability scanning and Information Security services locally, Aura can now offer New Zealand companies much more responsive and relevant security than if they were to deal with overseas companies to ensure their consistent compliance with the PCI standards.
14 April 2011
Rapid7 NeXpose, which received the highest rating of “Strong Positive” in Gartner’s Marketscope for Vulnerability Assessment 2010, leverages one of the largest vulnerabilities databases to identify vulnerabilities that represent the greatest threat to organisations.
Says Aura Managing Director Andy Prow: "of all the enteprise-level vulnerability scanners that we evaluated for our own RedEye suite of products, neXpose consistently out-ranked and out-performed the competition. We truly believe it is the best product for organisations requiring on-site vulnerability assessment".
The top three reasons that organisations should switch to neXpose:
- They reduce their vulnerability management cost of ownership
- They comprehensively fullfil regulatory compliance vulnerability assessment requirements
- They lower their security risk profile
Previous Aura Events
AUT Business Awards
7 November 2012, Auckland
Hackers to Hackers Conference (H2HC)
20-21 October 2012, Sao Paulo, Brazil
9-13 October 2012, Dayton, Ohio, USA
Secure Developer Training Course
1-2 October 2012, Wellington
Electra Business Awards
19 September 2012, Paraparaumu
FST Technology & Innovation
19 September 2012, Auckland
13 September 2012, Dunedin
4-7 September 2012, Auckland
OWASP New Zealand Day 2012
31 August 2012, Auckland
IBANZ Insurance Brokers Conference
22-24 August 2012, Auckland
5 July 2012, Auckland
25 June 2012, Auckland
2012 Public Sector Immersion Roadshow
June 2012, US
Intellect UK Cyber Security Marketing Strategy Workshop
June 21 2012, London
2012 Gold Awards
May 31 2012, Auckland
NZ Cloud Computing Summit
29-30 May 2012, Auckland
11 May 2012, Auckland
9 May 2012, Wellington
19-23 April 2012, Heidelberg, Germany
GO UK Finalists
29 March 2012, Auckland
23 November 2011, Auckland
6 November 2011
5-14 October 2011
FST Technology and Innovation Conference
1 September 2011
24 August 2011
27 July 2011
Breakfast meeting - 14 July 2011
14 July 2011
20-21 June 2011
27-28 June 2011
7 July 2011