About

Independent. NZ-based. Builders, not box-tickers.

Cyphonica was founded to deliver cyber security work the way the people who pay for it actually want it: fixed scope, plain-English reports, and someone who actually knows how the software underneath works.

Why us

Most security findings on a real engagement come from understanding how the application or tenant is actually built, not from running a scanner. We have been shipping production software for fifteen years across web, mobile, payments and AI tooling. That informs every audit we do.

We work for NZ businesses that need a real answer, fast, with a fixed price and no offshoring. Reports go directly to the people who own the risk, not into a sales pipeline.

The team

Gareth Erasmus

Founder · Senior Security Analyst

Software engineer turned security specialist. Builds the tools he uses on engagements, including Cyphonica's own offline backup software and the local AI agent harness powering our sovereign-AI deployments. Fifteen-plus years across web, mobile and platform work.

Justine Keating

Security Analyst

Engagement lead and client liaison. Makes sure every audit lands with a report you can hand to your board, your insurer and your team without translation.

How we work

Fixed scope and fixed price wherever the work allows it.
Read-only access by default. No Global Admin. Time-boxed elevation only when remediation needs it.
Critical findings go to you the same hour, not the deliverable.
Reports written for the person paying the bill, not for the auditor.
NZ-based delivery. Data stays in your environment.

Tell us what is keeping you up at night.

Thirty minutes on a call. No pitch deck, no jargon. We will tell you whether we can help, and if we can't we will tell you who can.

Book a scoping call