1. Book and authorise
A short call or email exchange confirms your business details, domain, and written authorisation for the public-facing review. You receive the questionnaire.
48-hour review
Quick Cyber Risk Review: fast, honest answers about your cyber risk
In 48 hours, know whether your email domain can be impersonated, what your website exposes, and whether one convincing email could redirect a client payment — with a plan to fix what matters first.
$1,500 — delivered within 48 business hours
Prices are in AUD. GST treatment to be confirmed with Yarra Secure's accountant before publication of whether prices are inclusive or exclusive of GST.
Public-facing and questionnaire-based. Nothing is tested beyond publicly visible information without separate written authorisation.
What is checked
The review focuses on the gaps that cause most small-business incidents.
- Public-facing review of your website and domain settings
- Email and domain posture snapshot (SPF, DKIM, DMARC presence and configuration signals)
- Website basics snapshot: TLS, security headers, exposed admin paths, visible software signals
- Structured questionnaire covering invoice handling, payment-change verification, MFA, and backups
- A short, prioritised action plan written for owners
What is not included
Clear boundaries protect you and us. These are available separately, properly scoped and authorised.
- Intrusive or authenticated testing of any system
- Penetration testing or exploitation of any kind
- Changes to your systems
- Compliance certification of any framework
How it works
Three steps, 48 business hours, no disruption to your team.
2. We review
Within 48 business hours of your completed questionnaire: email/domain posture, website basics, and your invoice, MFA, and backup processes.
3. You get the plan
A short report with evidence, risk ratings, and a prioritised action plan — plus a 15-minute walkthrough call if you want one.
To book, use the contact page, email contact@yarrasecure.com.au, or call Sam on 0435 315 894.
Common questions
Why is the review questionnaire-based?
Because the most damaging small-business risks — payment redirection, missing MFA, untested backups — are process gaps that no external scan can see. Combining public-facing checks with your answers gives a far more honest picture than a scan report.
Is this a penetration test?
No. Nothing is attacked, exploited, or accessed. The review uses publicly visible information and your questionnaire answers only. If deeper authorised testing is ever appropriate, it is scoped separately in writing.
What happens after the review?
The action plan is yours. Many clients implement it with their own IT provider; others continue into the Essential Cyber Health Check or a protection sprint. There is no obligation either way.
Book a Quick Cyber Risk Review
Send your business name, domain, and main concern. We confirm scope and authorisation in writing, then the 48-hour clock starts when your questionnaire lands.
Or call Sam directly on 0435 315 894.