Security

Security partner for NZ small and medium businesses

Independent, hands-on security for lean NZ teams without dedicated engineering. We help you spot real risks, lock down your cloud, and respond fast when something goes wrong.

The challenge

Security has changed — and most NZ SMBs are exposed

Attackers now use AI to scan, probe, and weaponise vulnerabilities at a speed that did not exist three years ago. Crypto-mining hijacks, automated credential stuffing, and database exfiltration are no longer rare events — they hit any internet-exposed application.

Most NZ SMBs do not have an internal security or engineering team to call when a cloud abuse alert lands. We are the partner you call instead — same-day triage, practical containment, and ongoing hardening so the next alert does not turn into an incident.

What we do

Practical security services for NZ SMBs

Cloud security review

Audit your GCP, AWS, or Azure account for misconfigurations, exposed services, and over-privileged access — with a prioritised remediation plan.

Incident response & forensics

Same-day triage when an abuse alert lands. We trace the root cause, contain the impact, and report back in plain English.

Egress & firewall hardening

Lock down outbound traffic so a compromised workload cannot phone home — even if an attacker gets initial code execution.

Secrets & access management

Audit and clean up API keys, IAM roles, and service accounts. Least-privilege by default, secrets in a vault, no more shared admin logins.

Container & Kubernetes security

Pod security policies, image scanning, network policies, and runtime monitoring for teams running GKE, EKS, or AKS.

Ongoing security advisory

A monthly check-in covering new alerts, patch status, and architectural drift. So your security posture does not silently rot.

Who it is for

Built for NZ businesses without dedicated security staff

  • SMBs running customer-facing apps on GCP, AWS, or Azure
  • Businesses that just got a cloud abuse or vulnerability notification
  • Teams without internal security or engineering capacity
  • Companies post-incident wanting to harden and prevent recurrence
  • Organisations preparing for a security audit or due diligence

How it works

A simple three-step engagement

  1. Assess

    A focused review of your cloud account, application surface, and current security posture. We surface real, exploitable risks — not generic checklist findings.

  2. Harden

    We implement the fixes alongside your team or fully on your behalf — IAM cleanup, egress rules, secrets rotation, container policies, monitoring.

  3. Respond & monitor

    You get a named contact for incidents and a monthly check-in. So when an alert lands, you are not starting from scratch with someone new.

Outcomes

What you walk away with

Specific findings depend on your environment. The deliverables below are what we typically agree at the start of an engagement.

  • A prioritised list of real, exploitable risks in your environment
  • IAM, secrets, and network controls cleaned up to least-privilege defaults
  • A written incident-response playbook your team can follow under pressure
  • A named partner to call when something goes wrong, instead of starting cold
  • Ongoing visibility into new risks as your environment changes

Recent work

A crypto-mining attack contained the same afternoon

Client

An Auckland tourism company running a customer-facing Next.js app on GCP, originally built by an offshore dev team. No internal engineering or security staff.

Business pain

They received an abuse notification from their cloud provider on a Friday afternoon — a production workload was sending outbound traffic to a known crypto-mining pool.

What we did

Same-day triage, traced the compromised pod through GCP audit logs and serial console forensics, and contained the attack without taking the customer-facing site offline.

Tools & approach

GCP Cloud Logging for VM and container forensics, kubectl for cluster inspection, and a targeted egress firewall rule to cut off the mining traffic while the application bug was patched.

Results

Attack contained within hours of the abuse notice. The customer-facing site stayed up. The application root cause was patched the following week with our coordination.

Ongoing impact

The business now has a security partner on call. The next abuse alert — if there ever is one — will not be a cold start.

Why Techfolks

Practical, hands-on, NZ-focused

Hands-on, not tick-box

Not a tick-box compliance consultancy. We read logs, fix code, and harden infrastructure ourselves.

Built for SMBs

We do not push enterprise tooling or audit frameworks you cannot afford. Practical wins that fit your team and budget.

Same-day response

When an abuse alert lands, you hear from us within hours — not next sprint.

Cloud-native expertise

Deep hands-on experience with GCP, AWS, and Azure — IAM, networking, GKE/EKS/AKS, secrets, observability.

No lock-in

Every fix is documented. Your team can take it forward without us — we are a partner, not a dependency.

Get started

Book a security review with us

A 30-minute conversation to understand your environment, your current concerns, and where the real risks are. No obligation, no sales pitch — practical advice you can act on the same week.

Talk to us about a security review →

FAQ

Common questions

We are a small business — do you still help with security?

Yes. Most of our security clients are NZ SMBs without internal engineering or security staff. Security work for a 10-person team looks very different from enterprise compliance, and we focus on what actually reduces risk for your size and stage.

We just got a cloud abuse alert — can you help today?

Usually yes. Same-day triage is one of the most common reasons clients reach out. Get in touch and we will tell you within the hour whether it is genuinely urgent or can wait until the next business day.

Which clouds do you work across?

GCP, AWS, and Azure — and the Kubernetes managed services on all three (GKE, EKS, AKS). For NZ SMBs the cloud rarely matters; the security principles transfer cleanly between them.

Do you offer ongoing security support, or only one-off projects?

Both. Most engagements start with a focused review or an incident, then transition into a monthly advisory arrangement so risks do not silently grow as your environment changes.

Can you work alongside our existing developers or vendors?

Yes. We are happy to act as the security advisor while your dev team or hosting partner handles delivery. We document everything so handoff is clean.

What does an incident response engagement look like?

Triage within hours, containment within the same day where possible, and a written post-incident report covering root cause, what we changed, and what to monitor going forward. We keep your customer-facing services up wherever realistically possible.

How do you handle our data during a review?

We access only what we need, read-only where possible, and only via accounts you provision and can revoke at any time. We do not retain copies of your data, and any findings we share are sanitised of identifying details.

Need help right now?

Get same-day security triage

Just got a cloud abuse notification, suspect a breach, or seeing something that does not look right? Reach out — we triage fast and tell you honestly how serious it is. You will hear back within one business day, or sooner during an active incident.

Contact us now →