Compliance Readiness

Controls & Evidence: Continuous evidence collection and control implementation

Identity Integration:

Integration with your chosen IDP: OAuth / OIDC, SSO, SAML, LDAP, SCIM

Asset Management

Software and Systems Auditing: Automated population of hardware, VM, and software registers

Access Reviews

Automated and auditable user access verification.

On-Demand Expertise When You Need It Most

You just need the right expert, right now

Observability & Integration

Turn complexity into clarity. Centralized metrics, logs, and tracing pipelines

Straight from the Lab

Service Without Silos: Modernising Segregation of Duties

By Andrew Mason on September 25, 2025

Segregation of Duty Without Silos

How automation enables compliant, high-velocity teams in regulated environments

In Australia’s regulated sectors, the phrase Segregation of Duties (SoD) is a cornerstone of compliance. For CIOs and CTOs, upholding standards like ISO 27001 and PCI DSS often leads to a default solution: organisational silos. We create separate teams for development, platform operations, and QA, citing SoD as the reason.

The intention is sound, but the outcome is frequently a drag on performance. This traditional model introduces friction through endless ticket handoffs, context switching, and delays. For lean organisations or leaders championing agile “two-pizza teams,” building an entire org chart just to tick a compliance box is inefficient and costly.


Save SaaS costs with SCIM

By Andrew Mason on September 22, 2025

Compliance as a Cost Saver

Why compliance frameworks are your secret weapon against rising IT costs

CIOs and CTOs don’t need reminding: IT budgets are under relentless pressure.
Every new SaaS license, every “per-user/per-month” subscription, every compliance audit adds to the sense that IT is a cost center.

It doesn’t take long before SaaS spend spirals out of control. Creative Cloud here, Salesforce there, a dozen productivity apps everywhere—it all adds up fast. And when compliance gets thrown into the mix, it often feels like just another tax on the business.


Authelia - Open Source IDP

By Andrew Mason on August 30, 2025

Switching to Authelia:

Advantages and Tradeoffs for Companies Using Cognito, Auth0, or PingID

Identity and access management (IAM) is a critical component for securing applications and user data. Many companies rely on managed services like AWS Cognito, Auth0 (now part of Okta), and PingID (from Ping Identity) for their authentication needs. These platforms offer robust features, but they can come with ongoing costs, potential vendor lock-in, and reliance on third-party infrastructure.
