Cosive Pty Ltd

Who we are

We provide repeatable solutions to Australasia’s toughest security challenges. ​Our customers are high-profile targets with the toughest security challenges imaginable: four of the top six banks in Australia, critical infrastructure providers, technology companies, and governments.

Founded in 2015, Cosive is led by industry veterans Kayne Naughton (CEO), Terry MacDonald (COO) and Chris Horsley (CTO). Our leadership team has 48 years of combined security experience.

What we do

We offer products and services in a number of different areas, from consulting and training, to bespoke software development and custom Cosive-developed products. We work with you to identify enhancements you can make to improve your Security Operations. We can help you integrate best-of-breed security tools into your team’s workflow. We are focused on providing threat intelligence management platforms, security orchestration, intelligence feeds, integration and consulting services, STIX/TAXII consultancy, and incident response guidance. We also offer malware analysis solutions, endpoint protection, and intelligence enrichment systems.

Our products

Antifraud - Fraud detection software

Antifraud is fraud detection software. It provides you with a suite of behavioural biometrics and device fingerprinting data to stop fraud before it happens. It’s currently supporting fraud prevention and anti-money laundering strategy at major banks.

Smokeproxy - Security investigation VPN

Smokeproxy is an invisibility cloak for your security team. It’s a specialised VPN proxy service that helps you carry out more successful malware analysis and fraud investigations.

CloudMISP - Managed MISP service

All the benefits of MISP with the convenience of SaaS. Although MISP is extremely powerful it can be difficult and time-consuming for teams to self-host, configure, harden, maintain, and upgrade.CloudMISP is a ready-to-use MISP instance in the cloud, managed for you by a team of security experts with battle-tested MISP experience.

Our services

Threat Intelligence Consulting & Engineering

From developing bespoke CTI tooling to integrating and customising your existing tools, Cosive’s threat intelligence engineers are ready to help. Our skilled threat intelligence engineers specialise in developing tailor-made CTI tooling or plugins that enable ideal CTI workflows with minimal wasted time and effort. We’ve developed custom CTI tooling in use at some of Australia & New Zealand’s largest threat intelligence programs.

Our services include:

• Threat intel tooling & TIP consulting
• Intelligence collection consulting (feeds & OSINT)
• Lifecycle consulting
• Threat intelligence maturity and roadmap review
• Threat intelligence program establishment consulting

MISP Consulting & Engineering

MISP is the most popular open-source threat intelligence sharing platform and is in use at thousands of enterprise organisations around the globe. Cosive are veteran MISP practitioners, contributors to the MISP project, and our consultants have provided subject matter expertise on MISP to the ACSC. We operate a managed MISP service (CloudMISP) and also provide MISP engineering and consulting services.

Work with Australia & New Zealand’s leading MISP experts. We provide comprehensive guidance, expertise, and support in effectively implementing, optimising, and utilising the MISP platform to enhance your threat intelligence capabilities. Let us guide you towards unlocking the full potential of MISP.

Security Assurance

Through meticulous assessments, audits, testing and reporting, we identify weaknesses and potential risks in your security infrastructure and provide realistic recommendations on how to fix them. Our security assurance services include detailed reports suitable for regulatory bodies and key stakeholders.

Our services include:

• Network penetration testing
• Code security review/audit
• Purple team exercises
• Application security testing
• Secure software development practices
• Software Reverse Engineering

Security Operations

Build a robust security operations centre (SOC) that can effectively safeguard critical assets, detect emerging threats, and respond swiftly to security incidents. We can assist with improving workflows, tooling, incident management playbooks, and your logging, monitoring and alerting capabilities.

Our services include:

• Logging, monitoring and alerting uplift
• ATT&CK mapping
• Incident management playbook consulting
• Security operations tooling assessment
• Security operations workflow consulting
• Use case development
• Post incident review
• SecOps maturity models, roadmaps & gap analysis

Security Engineering & Integration

We combine software engineering capability with deep security domain knowledge. Our expertise means we are regularly called upon to develop bespoke security tooling, systems and integrations for major organisations throughout Australia & New Zealand.

Our services include:

• Custom security tooling development
• Security tool integration development
• Security software design & architecture
• Custom cyber security dashboards & analysis

Cyber security Training

We provide cyber security training both in-person and remotely throughout Australia and New Zealand, including to organisations in Melbourne, Sydney, Canberra, Brisbane, Darwin, Perth, Hobart, Wellington, Christchurch and Auckland.

Our training courses include:

• Introduction to STIX, TAXII and CybOX
• CSIRT/SOC fundamentals
• Open source security orchestration
• Using ATT&CK to map threat intelligence to detections
• Open source intelligence for SOC analysts
• MISP Kickstart

Tabletop exercises & Crisis Simulation

We provide realistic cyber security scenarios to test your response plans and capabilities.

• In our approach to simulations, we incorporate aspects of functional exercising along with technical exercising and/or major incident testing.
• We use a tabletop exercise format to ensure the exercise is appropriately contained (and doesn’t impact your actual operations). We plan and deliver the exercise in a scheduled and structured manner.
• Your TTX facilitator will work with you to identify your objectives and to ensure that we have an understanding of the functional and/or technical aspects we are testing.
• We use our experience in cyber security incident response to develop a realistic scenario supported by appropriate details and visual aids (exercise injects).

Our partners

Get in contact with us for more information about these companies: