Assurance Services

Fortify your digital and physical assets against threats with Mercury.

Over 900 successful cyber security engagements & counting…

As an Australian based cyber security practice with extensive experience in the delivery of assessment and quality assurance services, we are dedicated to identifying vulnerabilities, enhancing protection, and empowering your workforce with the knowledge to build secure applications and defend against evolving threats.

Our Assurance Services encompass a wide range of cybersecurity offerings tailored to safeguard your digital assets. From ASVS assessments and penetration testing to cloud security and mobile application assessments, we provide comprehensive, industry-leading services designed to fortify your organisation’s security posture.

Our Assurance Services

Application Security Assessment

We assess the security of the application employing the OWASP testing guidelines to identify vulnerabilities that could be exploited by attackers.

Android and iOS application security assessments

We evaluate your mobile devices and applications for security vulnerabilities, ensuring a robust defence against mobile-specific threats.

Penetration Testing

Our experts simulate real-world attacks to identify vulnerabilities and provide actionable insights for enhancing your security posture.

Application Code
Reviews

Our team performs thorough analysis of your application source code to detect security flaws and recommend improvements.

Wireless Penetration
Tests

We assess your wireless networks for vulnerabilities and misconfigurations, safeguarding against unauthorised access and potential attacks.

Application Development Training

Our training empowers developers with knowledge and skills to build secure applications by implementing industry best practices.

Physical Security Assessment

We evaluate your facilities and security measures, identifying potential risks and providing recommendations for enhanced protection.

Red Team

Our experts simulate advanced, targeted attacks to test your organisation's security resilience and response capabilities.

Network Security
Testing

We assess your network and applications for vulnerabilities, ensuring comprehensive protection against potential cyber threats.

Social Engineering

Our specialists simulate social engineering attacks to test employee awareness and your organisation's defence against human-based threats.

ASVS Assessment

We evaluate applications against OWASP's Application Security Verification Standard, ensuring compliance with industry best practices.

Cloud Security Assessments

Our team examines your cloud infrastructure, ensuring proper configurations, access controls, and adherence to best practices.

Our Engagement Process

Our customer-centric engagement model ensures meticulous planning, seamless communication, and risk minimisation for optimal project outcomes and satisfaction.

Dedicated Point of Contact

We provide a single point of contact for project management, ensuring clear communication and timely escalation directly with the expert providing the delivery, all while maintaining continuity of service.

Engagement Planning

Our planning process includes confirming points of contact, resource scheduling, scope reconfirmation, and establishing engagement rules for smooth project execution.

Delivery

Our team will consistently keep you abreast of our activities, ensuring that you receive reliable ongoing support and expertise throughout our services.

Project Close Out

At the end of each engagement, we deliver final reports, conduct debrief meetings, and ensure client acceptance, securely retaining data for specified durations.

Risk Minimisation

We employ secure management practices, information management, and security tools, along with careful engagement planning to minimise risks during service delivery.

Our Accreditations

CISA is renowned globally as the achievement standard for those auditing, controlling, monitoring, and assessing IT and business systems.

CISSP represents excellence, as the most globally recognised industry standard, and the first security credential to meet ISO/IEC 17024 conditions.

Demonstrates hands-on technical skills and practical security knowledge for those responsible for IT security implementation.

CREST approved organisations possess proven technical capabilities and are the top choice for information security testing providers.

Offensive Security Exploitation Professional, advanced hacking certification for professionals to identify and exploit vulnerabilities

Offensive Security Exploitation Expert, an expert-level hacking certification for professionals to master penetration testing techniques.

Offensive Security Certified Expert, the most challenging hacking certification for professionals seeking advanced penetration testing skills.

Australian Institute of Company Directors, provides education and director development programs for board members and executives. Our leadership undertakes extensive training with the AICD.

Offensive Security Web Expert, focuses on web application penetration testing and exploitation techniques for advanced security professionals.

Offensive Security Certified Professional, widely recognised and challenging hacking certification for professionals.