BinaryMist

BinaryMist is a security consulting firm focused on helping software development teams integrate security practices earlier in the software development life-cycle (SDLC). The company operates out of New Zealand and offers a range of services aimed at reducing security defects and improving the security posture of development teams. Services offered include: - Development Team Security Teardown: An assessment service that reviews a development team's process and the system being built to surface potential security issues and defects. - Development Team Security Implementation: Hands-on engagement to help development teams build and ship more secure software, shifting security left to reduce reliance on late-stage security reviews and penetration testing. - Security Review & Penetration Testing: Manual security review and penetration testing of applications and systems to identify vulnerabilities before they can be exploited. - Security Strategy Retainer: An ongoing advisory arrangement providing direct access to the principal consultant for security guidance over a four-month period. BinaryMist also develops PurpleTeam, a separate tool for automatable security regression testing of applications and APIs, designed to be integrated into CI/CD pipelines. The firm has worked with clients including MYOB (DevSecOps and AWS migration), Trineo (security threat modeling), Lentune (architectural and security consulting), and Christchurch City Council. The principal consultant has authored books on holistic information security for web developers and has spoken at events such as OWASP New Zealand Day and Christchurch Hacker Con.