Black Shard is a cybersecurity firm that builds, ships, and secures real software. Penetration testing, red teaming, security advisory, compliance, and secure-by-design builds, from a team that runs its own regulated SaaS in Brisbane.
Offensive testing, defensive advisory, compliance readiness, and secure-by-design builds: one team across all four.
Offensive testing
Penetration testing, red teaming, and phishing simulation. We attack your systems the way an adversary would, then hand you a ranked fix list.
Defensive & advisory
Posture assessments, vCISO, and Azure cloud security reviews. A security seat at your table, without a full-time hire.
Compliance readiness
Essential Eight, SMB1001, ISO 27001, and Privacy Act uplift. We get you audit-ready, with the evidence to prove it.
Secure software builds
Secure-by-design development and code review: the build muscle behind our own regulated SaaS, applied to yours.
We hold SMB1001:2026 Gold, listed on the public registry, and self-assess against the ASD Essential Eight and the Australian Privacy Principles.
Read the real risk
We learn the system before we test it: the attack surface, the data that matters, the obligations you carry.
Test like an adversary
We attack applications, networks, and people against the OWASP and ASD playbooks. We test for the objective an attacker is actually after.
Fix like an engineer
Plain-English findings, concrete fixes, and a re-test to prove the holes are closed.
Brisbane, QLD 4000. Replies inside 48 hours, in person.
Cyber security certified: SMB1001:2026 · Gold (Level 3) · Verify on CyberCert