Black Shard

Work

Software we build, and secure, ourselves.

These are companies we run on systems we built. We threat-model, harden, and review them the same way we would yours, in legal, clinical, and capital-markets settings. They are how we know our security practice works: on the line, every day. Open any one for the full case study.

Bold Property Group, Buyer’s advocacy
Live

Buyer’s advocacy

Bold Property Group

Bold Property Group is the Black Shard buyer’s advocacy arm.

The problem
A new buyer-side advocacy needed an operating stack it could iterate on weekly: brand, marketing site, deal-pipeline tooling, and a private portal for clients tracking an active acquisition.
What we built
We designed the identity, shipped the editorial site, built the agent-network data layer for sourcing off-market opportunities, and stood up the client portal, with CRM and operating playbook on the same data model.
What it does now
Bold is operating today. We keep building underneath it as the playbook evolves.
Read the full case study
GRM LAW, Legal
Live

Legal

GRM LAW

GRM LAW is a Brisbane law firm. Black Shard built and operates the operations and compliance portal the firm runs on day-to-day.

The problem
A Brisbane law firm needed a system to run on day-to-day: secure intake, conflicts checks, a matter register and AML/CTF readiness, with the audit trail underneath, sitting over the practice tools it already used.
What we built
We built the operations and compliance portal: intake, conflicts, matter register and AML/CTF readiness, role-based access over a hardened content-security policy, and an append-only audit ledger enforced on every state change.
How it is secured
Role-based access over a hardened content-security policy, with an append-only audit ledger enforced on every state change.
What it does now
The firm operates from the portal. We ship to it weekly under an ongoing engagement, and the build evolves with the workflow.
Read the full case study
Aurii, Clinical software
Live

Clinical software

Aurii

Aurii is the Black Shard clinical-software venture.

The problem
Australian private-hospital specialists were typing their own clinical notes, letters and billing. The product Black Shard wanted on every specialist desk did not exist, so we built it end-to-end.
What we built
We built the entire stack: native iOS and Android apps, the web app, the speech and OCR pipelines, the multi-tenant data layer with row-level security, and the observability, on Microsoft Azure in the australiaeast region.
How it is secured
Tenant health data isolated with PostgreSQL row-level security, tamper-evident audit trails, rate limiting, and biometric WebAuthn, on Azure in Australia.
What it does now
Aurii is live. The full clinical and privacy frame is built for Australian obligations from the ground up.
Read the full case study
Restart Recruitment, Recruitment
Live

Recruitment

Restart Recruitment

Restart Recruitment is the Black Shard talent venture.

The problem
A senior-specialist and executive search firm built to run fewer searches at a time, properly, needed an internal stack that judged every brief the same way: recruiter dashboard, pipeline, structured scorecard screening.
What we built
We built the brand, the editorial site, the candidate intake and screening flows, the scorecard model, and the outreach engine the recruitment team runs on, with eleven invariant tests pinning the security model.
How it is secured
Eleven invariant tests pin the security model (TOTP replay, OAuth timing, signing caps) so a later change cannot quietly regress it.
What it does now
Restart is operating. Those invariant tests hold the line so the next change does not regress what the team already shipped.
Read the full case study
Stone Leaf Capital, Capital markets
Live

Capital markets

Stone Leaf Capital

Stone Leaf Capital is an Australian capital-markets firm. Black Shard was engaged to build the firm's technology, brand, and operating systems.

The problem
An Australian capital-markets firm (funds management, capital raising, corporate advisory for wholesale clients) needed the technology it operates on: the brand, the public site, and the staff portal underneath.
What we built
We built the brand and public marketing site, and the staff portal that is the operational backbone: critical-event tracking, policy modules, and a compliance audit log capturing actor, action and before/after state on every change.
How it is secured
A compliance audit log captures actor, action, and before-and-after state on every change, structured around the firm's AFSL perimeter.
What it does now
The public marketing site is live. We ship to the portal under an ongoing engagement, structured around the firm’s AFSL perimeter and retention obligations.
Read the full case study

Want this standard on your systems?

The same team that builds and secures these companies will test, harden, or build yours. Same standard, same accountability.

See our services →Start a conversation