Cyber Security Services

Services

Practical security reviews for websites, cloud tools, and small teams

Each service is scoped before work begins. Pricing lives in one central file so it can be adjusted as the business offer matures.

Starting from $690 + GST

A focused review of the risks attackers commonly check first, delivered in plain English within two business days.

What it is: A scoped website security review covering visible configuration, common vulnerabilities, exposed services, account risks, and practical remediation priorities.
Who it is for: Small businesses, WordPress site owners, ecommerce stores, clinics, tradies, startups, and local service businesses that need quick clarity before a problem becomes expensive.
What you receive: A plain-English report with screenshots, risk ratings, evidence, prioritised fixes, and a short follow-up call to walk through the findings.

Starting from $450 + GST

A practical check for common website weaknesses, misconfigurations, risky headers, outdated software signals, and exposed admin paths.

What it is: A focused review of your public website and agreed scope using safe, non-destructive checks.
Who it is for: Businesses with a brochure site, booking site, online store, member area, or custom web app that needs an independent security sense check.
What you receive: A prioritised issue list, evidence, remediation guidance, and notes on what should be checked by your developer or hosting provider.

Starting from $590 + GST

Tighten the everyday WordPress settings attackers probe first, including updates, logins, plugins, backups, and exposed surfaces.

What it is: A practical hardening review of WordPress configuration, plugin exposure, admin access, update hygiene, and baseline protections.
Who it is for: WordPress site owners, agencies, consultants, ecommerce operators, and businesses relying on a site that has grown without regular security review.
What you receive: A hardening checklist, recommended settings, plugin risk notes, quick wins, and priority fixes for your web developer or administrator.

Starting from $390 + GST

Identify simple gaps that make impersonation, invoice scams, and staff phishing more likely to succeed.

What it is: A review of common scam pathways, email domain protections, staff-facing processes, and public information that can be abused.
Who it is for: Businesses handling invoices, bookings, payments, client records, or shared inboxes where one convincing email could cause real harm.
What you receive: A plain-English risk summary, priority controls, email authentication recommendations, and simple staff process improvements.

Starting from $490 + GST

Review basic account, admin, sharing, and authentication settings in the tools many small teams depend on every day.

What it is: A baseline review of agreed Google Workspace or Microsoft 365 security settings, with attention to MFA, admin accounts, sharing, and recovery settings.
Who it is for: Small teams using cloud email, file sharing, calendars, and shared admin accounts without a recent security settings review.
What you receive: A settings report, priority changes, screenshots where useful, and practical guidance for owners or IT support providers.

Starting from $520 + GST

Check repositories and developer workflows for accidentally exposed secrets, risky permissions, and public code leakage.

What it is: A scoped review of GitHub repositories, visibility, access controls, branch protections, exposed secrets, and common workflow risks.
Who it is for: Startups, developers, agencies, and small software teams that need a practical check before launch, funding, or client handover.
What you receive: A clear code exposure report, secret handling recommendations, access control notes, and remediation priorities.

Starting from $420 + GST

Review the public-facing basics around DNS, domains, email authentication, storage exposure, and common cloud configuration risks.

What it is: A scoped baseline check of domain records, DNS hygiene, exposed services, storage risks, and agreed cloud configuration areas.
Who it is for: Businesses using cloud hosting, SaaS tools, custom domains, online stores, or outsourced IT that wants a second set of eyes.
What you receive: A risk-ranked checklist, evidence, recommended fixes, and questions to raise with your host, agency, or IT provider.

Send the website URL, business context, and the concern you want checked. Yarra Secure can recommend a narrow, practical starting point.