NEWS: AMARU is now the proud supporter of the 2024 NZ Hi-Tech Awards!
Cyber security and compliance are a challenge. We help you win it.
Your trusted cyber security partner in New Zealand.
Get a clear picture of your cyber security posture
Helping organisations achieve security standards like SOC 2 compliance, ISO 27001, HIPAA, NIST Cybersecurity frameworks and others.
Proactive and modern penetration testing services
Tailored cybersecurity services for your business
Reduce cyber security operational costs
Our Services
End-to-end services covering every challenge throughout your cyber security and cloud journey.
Security Risk Assessments
Cyber security assessment
Microsoft Security Assessments
Google Security Assessments
Managed Detection and Response (MDR)
Our MDR service provides 24/7 system security monitoring with forensic and threat hunting capabilities in New Zealand
Penetration Testing
Gain the lead on attackers with our NZ penetration testing services, giving you a real-life oversight of your system’s vulnerabilities
Managed Security Training
Our Managed Security Awareness Training helps you address the ongoing issue of social engineering and phishing attacks
Security Compliance
Achieve best practices for globally recognised security standards for your products and services SOC 2, NIST CSF, ISO 27001, Essential Eight, HIPAA, PCI DSS, NZISM, HITRUST.
Managed Security Service
A fully-managed cyber security service for businesses to safeguard data, systems and business reputation.
Reliable cyber security solution provider in New Zealand
Trusted by over 70 local brands across Aotearoa New Zealand, monitoring over 500+ systems and resolving 1000+ valid vulnerabilities across all our clients. Our information technology security specialists are trained and CREST-certified individuals providing tech-enabled security and compliance solutions customised to your business.
Customer Success Stories
See how Amaru has helped organisations, of all sizes,
meet their information security, compliance and business transformation requirements.
Incident Response Plan for Oceania Healthcare
Figured chooses AMARU for SOC 2 Compliance
Harmoney chooses AMARU for Penetration Testing Services
We work with amazing customers
Why AMARU?
Skilled team of professionals at your service
We all know there is a skills shortage in cyber security. Forget the stress of recruiting and retaining and let our highly skilled CREST-certified cyber security professionals take care of everything
We care about your business- like its ours!
This means we go above and beyond to provide you with the highest level of protection and support, just like we would for our own company – and fret not we don’t charge a hefty amount for it!
Achieve a secure and resilient digital environment
By providing customised strategies that strengthen your cyber security posture, we enable you to sell products and services securely both locally and globally with internationally-recognised security standards.
Frequently Asked Questions
See our frequently asked cyber security questions below for help and advice.
Which cyber security framework should I use?
We believe that before choosing a cyber security framework, a business should first focus its efforts to understand their strategic business objectives so security can enable achieving them but also take in consideration the legal, contractual and regulatory requirements. A common mistake that our cybersecurity consultants often encounter is that businesses through money where is not needed, and therefore businesses should first focus on understanding the key assets they want to protect, followed by identifying cyber security threats that the business is exposed to, assets in scope and continuously identify vulnerabilities among those assets. It is then paramount to identify your cyber security risks and the controls that you need to implement to mitigate risks – that’s when a cybersecurity framework that fits your business needs comes handy. There are a number of internationally recognised cybersecurity frameworks such as NIST CSF, ISO27001, SOC2 Type II, PCI DSS, CSA and many others. The most important factor is that a business takes one of these and make it relevant to them. Adhering to a cybersecurity framework is good but there is no one size fits all. Many of the frameworks don’t cover the most important factor– to focus on the unique threats to a business.
How can cyber security be improved?
Cyber security can be improved by addressing the basics of security and focusing on your technology, people and processes. You’d be surprised how many businesses still haven’t put in place basic cyber security fundamentals; things like:
- Using multi-factor authentication
- Having in place advanced endpoint protection and response
- Patch early, patch often
- Harden your systems by changing default username and passwords and removing weak protocols – especially those exposed to the internet
- Having good network security
- Backup regularly and keep a recent backup copy off-line and off-site
- Providing cyber security awareness training
- Having cyber security policies and processes
- Use strong passwords