Cybersecurity Advisory & Evidence Assurance

Independent security posture assessment.

Framework alignment.

Evidence-led risk guidance.

Outsec helps Australian small and medium businesses understand where they actually stand, without the guesswork. A lightweight agent runs a set of non-intrusive checks across your Windows, Linux, and macOS systems, mapped against recognised frameworks including the ACSC Essential Eight. Results are aggregated into clear maturity scoring and reporting -- so you know exactly what's covered, what isn't, and what to prioritise next.

Outsec provides identification and reporting only. We don't sell remediation work -- findings are handed to you (or your IT partner of choice) to act on, with no conflict of interest in the result.

Maturity matrix Unassessed
L0
L1
L2
L3
Patch applications
·
·
·
Patch operating systems
·
·
·
MFA
·
·
·
Restrict admin privileges
·
·
·
Application control
·
·
·
MS Office macros
·
·
·
User app hardening
·
·
·
Regular backups
·
·
·
8 strategies · 4 levels · one instrument
How the assessment works

Three steps, no ambiguity about who does what next.

01

Scan

SEKKO, our scanning agent, gathers configuration evidence across your environment — patching, privilege, MFA, macros, backups.

02

Score

Each of the eight strategies is scored against the ACSC's own maturity levels, zero to three. No house methodology, no partial credit.

03

Report

You get the matrix, the gaps, and what level you're actually at. What you do with it, and who does it, is entirely your call.

The framework

The eight strategies, in the ACSC's own three objectives.

Prevent

  • Application control
  • Patch applications
  • Configure MS Office macros
  • User application hardening

Limit

  • Restrict admin privileges
  • Patch operating systems
  • Multi-factor authentication

Recover

  • Regular backups
“We're not your MSP. We don't sell the fix. We tell you where you actually stand, and you choose who closes the gap.”
The independence clause