Cyber Harmony
Trusted Cybersecurity Partner · Australia
Secure Today, Harmonize Tomorrow

Defending Your Digital Future

Cyber Harmony Pty Ltd delivers enterprise-grade cybersecurity solutions — from penetration testing to Azure cloud security — protecting what matters most to your organisation.

100%
Client Confidentiality
24/7
Incident Response
6+
Security Disciplines

Security Is Not a Feature. It's a Foundation.

Cyber Harmony Pty Ltd is an Australian cybersecurity firm built on the belief that robust security must be accessible, understandable, and actionable. We protect businesses of all sizes — combining deep technical expertise with a commitment to knowledge sharing.

🎯
Precision & Expertise
Every engagement is delivered with rigorous methodology and uncompromising attention to detail.
🤝
Trusted Partnership
We work alongside your team — not just as vendors, but as long-term security partners.
📚
Knowledge Sharing
We actively share insights, research, and resources to raise the security standard across the industry.

Our Services

Comprehensive cybersecurity solutions tailored to your organisation's threat landscape and compliance requirements.

🔍
Penetration Testing
Simulate real-world attacks on your infrastructure, applications, and networks to uncover vulnerabilities before adversaries do. Actionable reports with clear remediation roadmaps.
Red Team · OWASP · PTES
📋
Security Audits & Compliance
Navigate complex regulatory landscapes with confidence. We assess your security posture against ISO 27001, Essential Eight, SOC 2, and industry-specific compliance frameworks.
ISO 27001 · Essential Eight · SOC 2
🚨
Incident Response
When a breach occurs, every minute counts. Our 24/7 incident response team contains threats swiftly, preserves evidence, and guides your recovery to minimise impact.
24/7 Response · Forensics · DFIR
🎓
Security Training & Awareness
Your people are your first line of defence. Engaging, scenario-based programmes — from phishing simulations to executive security briefings — that build lasting security culture.
Phishing Sims · eLearning · Workshops
🧠
Consulting & Advisory
Strategic cybersecurity guidance for boards, CISOs, and leadership teams. We build roadmaps, select tools, and align security investment with business objectives.
vCISO · Strategy · Risk Management
☁️
Azure Security
Specialised security for Microsoft Azure — identity hardening, Defender for Cloud, Microsoft Sentinel SIEM deployment, and secure architecture reviews.
Microsoft Sentinel · Defender · Entra ID

Featured Projects

A selection of engagements where Cyber Harmony delivered measurable security improvements.

☁️
Completed
Azure Cloud Security Hardening
End-to-end assessment and hardening of a mid-size enterprise's Azure tenant — Entra ID, Defender for Cloud, NSGs, and RBAC remediation.
Azure · Entra ID · RBAC · Defender
🔍
Active
Financial Sector Penetration Test
Full-scope external and internal penetration test for a regional financial services provider — web app testing, network segmentation, and social engineering assessment.
Pen Testing · Web App · Finance
🎓
Ongoing
Enterprise Security Awareness Programme
A 12-month security awareness programme for a 500-seat organisation — phishing simulations, eLearning modules, and quarterly metrics reporting.
Training · Phishing · eLearning · KPIs

Insights & Articles

Practical cybersecurity knowledge — written for practitioners, leaders, and anyone serious about protecting their organisation.

Email Security
Microsoft 365 Anti-Malware: What Most Tenants Get Wrong
Most M365 tenants have anti-malware enabled. Almost none have it configured properly. From ZAP to quarantine policies — here's what you're missing and why it matters.
02 Jun 2025
Azure Security
Securing Microsoft Entra ID: The Identity Hardening Checklist You Need
Identity is the new perimeter. We walk through essential Entra ID hardening steps — from Conditional Access policies to privileged identity management.
15 Apr 2025
Threat Intelligence
Understanding the Essential Eight: A Plain-English Guide for Australian Businesses
The ACSC's Essential Eight are non-negotiable for Australian organisations. We break down each control and show how to prioritise implementation based on your risk profile.
02 Mar 2025
Incident Response
The First 24 Hours: What to Do When You Suspect a Breach
Most organisations underestimate the cost of delay after a breach. The critical first 24 hours — who to call, what to preserve, and the decisions that define recovery.
18 Jan 2025

The Essential Eight.
You've heard of it.
But are you actually implementing it?

Most Australian organisations sit at Maturity Level 1. The ACSC recommends Level 2 as a baseline. Find out where you stand — in minutes.

8
Controls to Assess
ML0–3
Maturity Levels
48h
Patch SLA at ML2
Free
Self-Assessment

Quick maturity check — answer honestly

🛡️
E8-1 Application Control
Do you know every app running on your endpoints?
"Can you list every executable allowed to run — and prove nothing else can?"
🔧
E8-2 Patch Applications
Are you patching within 48 hours for internet-facing services?
"How many days does it actually take from CVE published to patch deployed?"
🔐
E8-7 Multi-Factor Authentication
Is MFA enabled for ALL remote access — not just some?
"Can you name the services that still use password-only authentication?"
👤
E8-5 Restrict Admin Privileges
When did you last audit who has domain admin?
"Is your admin account count growing every time someone needs elevated access?"
💾
E8-8 Regular Backups
When did you last test restoring from backup?
"Not just backing up — actually restoring. With a documented test result?"
⚙️
E8-6 Patch Operating Systems
Are your OS patches applied within two weeks?
"How many endpoints in your fleet are running an unpatched OS right now?"

Most Australian organisations are at ML1. The ACSC recommends ML2 as a baseline — and government supply chains are increasingly requiring it. Our free checklist helps you identify exactly where you are and what it takes to move up.

Where is your organisation?
ML0 · ML1 ← most · ML2 ← target · ML3

Essential Eight
Self-Assessment
Checklist

A practical, no-fluff checklist covering all eight controls across ML0 to ML3. Built for Australian IT teams and security managers who need a clear picture of their current posture — fast.

All 8 Essential Eight controls mapped to ML0–ML3 criteria
Plain-English questions your team can actually answer
Gap identification — see exactly what ML2 requires
Evidence checklist for each control
Aligned to the ACSC November 2023 Maturity Model
Works for Windows, Linux and macOS environments
Free Self-Assessment
Instant download — no sales call required
8 Controls · 4 ML Levels · Free Always

No spam. Unsubscribe anytime. 🇦🇺 Australian owned.

Email Security

Enterprise email is the single largest attack surface in most organisations. We design, configure, and validate layered defences across Microsoft 365 and Defender for Office 365 — so your inbox doesn't become an entry point.

Our Services

We go beyond enabling the defaults. Every engagement includes a full audit of your existing posture, followed by deliberate configuration, testing, and documentation — tailored to your organisation's risk profile.

🔍
Anti-Malware Policy Audit & Configuration
We review your existing M365 anti-malware policies against current ACSC and Microsoft best practice. We enable and tune the Common Attachments Filter, configure quarantine actions, and build custom policies for high-risk user groups including executives, finance, and IT — applying stricter controls where standard defaults aren't enough.
MalwareFilterPolicy · PowerShell · IaC
Zero-Hour Auto Purge (ZAP) Enablement
ZAP retroactively quarantines emails that were delivered before malware or phishing signatures were available. We enable and validate ZAP across your tenant for both malware and phishing detections — one of the most underutilised protections in the M365 stack, and one of the most effective.
ZAP · Defender for Office 365 · Threat Protection
🏛️
Quarantine Policy Design & Admin Workflow
We design quarantine policies appropriate to each detection type. Malware detections are locked to AdminOnlyAccessPolicy — end users should never be able to release malware. We establish admin review workflows, configure notification cadences, and ensure your team has visibility over the quarantine queue without creating risk.
Quarantine Management · AdminOnlyAccessPolicy
🚨
Internal Sender Alerting & Compromise Detection
An internal sender triggering a malware alert is a critical red flag — it signals a compromised device or account. We configure separate admin notification policies for internal and external senders, and integrate these alerts into your broader incident response workflow so threats don't go undetected.
Alert Policies · Incident Response · M365 Defender
🧪
Configuration Testing & EICAR Validation
Every configuration we deploy is tested before we hand it over. We use the EICAR test file — a harmless 68-byte string recognised by every anti-malware engine as malware — to verify that quarantine is working correctly. If it reaches the inbox, the policy isn't working. We don't leave until it doesn't.
EICAR · Policy Validation · Security Testing
⚙️
PowerShell & IaC Deployment at Scale
For organisations deploying at scale or through infrastructure-as-code pipelines, we build and document PowerShell-based policy deployment covering both MalwareFilterPolicy and MalwareFilterRule objects. This ensures consistent, repeatable configuration across tenants and reduces reliance on manual portal configuration.
PowerShell · Automation · Enterprise Deployment

Microsoft 365 Anti-Malware: What Most Tenants Get Wrong

By Hossein Sadeghi · Cyber Harmony Pty Ltd

Most Microsoft 365 tenants I audit have anti-malware enabled. Almost none of them have it configured properly. Here's what you're missing — and why it matters.

Every Microsoft 365 tenant with cloud mailboxes gets a default anti-malware policy. It applies to everyone, it's always on, and you can't delete it. That's the good news. The bad news? The defaults are a starting point — not a finish line.

01
Common Attachments Filter
Enable it. Microsoft maintains a list of file types that are almost never legitimate in email — .ace, .apk, .iso, .vhd, and many more. When detected, quarantine is recommended over NDR — it preserves the message for investigation without delivering it.
02
Zero-Hour Auto Purge (ZAP) for Malware
One of the most underrated protections in the stack. ZAP retroactively pulls back emails that were delivered before malware signatures were available — then quarantines them. Enable it. Full stop.
03
Quarantine Policy
By default, malware detections use AdminOnlyAccessPolicy — meaning recipients get no notification that a message was quarantined. That's correct for malware. But ensure your admins are aware of the queue and reviewing it regularly.
04
Admin Notifications
Configure alerts for malware detected from both internal and external senders separately. An internal sender triggering a malware alert is a red flag — it means a device or account may already be compromised.
05
Custom Policies by User Group
The default policy covers everyone, but it's blunt. Build targeted policies for high-risk groups — executives, finance, IT — with stricter settings. Custom policies apply to inbound email only, so don't forget your default policy covers outbound.
PowerShell — Deploy a policy with attachments filter + admin notifications
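# Custom policy: common attachments filter on, admins notified when an internal sender triggers a detection
New-MalwareFilterPolicy -Name "Finance Team Policy" -EnableFileFilter $true -EnableInternalSenderAdminNotifications $true -InternalSenderAdminAddress "security@yourcompany.com"

# Rule that scopes the policy to recipients who are members of the Finance distribution list
New-MalwareFilterRule -Name "Finance Team Rule" -MalwareFilterPolicy "Finance Team Policy" -SentToMemberOf "Finance-DL@yourcompany.com"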
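
An audit of items 01 to 04 above, as an added example that is not part of the original article: the function takes policy objects of the shape returned by Get-MalwareFilterPolicy and reports which of the recommendations each one misses. Test-MalwareFilterPolicy is a hypothetical helper name, and the two sample policies are constructed so the block runs without a tenant connection.

```powershell
# Added example: audit anti-malware policies against the article's checklist.
# Test-MalwareFilterPolicy is a hypothetical helper, not a Microsoft cmdlet.
function Test-MalwareFilterPolicy {
    param([Parameter(Mandatory, ValueFromPipeline)] [psobject]$Policy)
    process {
        $gaps = [System.Collections.Generic.List[string]]::new()
        # 01: common attachments filter enabled, quarantining rather than rejecting (NDR)
        if (-not $Policy.EnableFileFilter) {
            $gaps.Add('Common attachments filter is disabled')
        } elseif ("$($Policy.FileTypeAction)" -ne 'Quarantine') {
            $gaps.Add("FileTypeAction is $($Policy.FileTypeAction), article recommends Quarantine")
        }
        # 02: ZAP for malware
        if (-not $Policy.ZapEnabled) { $gaps.Add('ZAP for malware is disabled') }
        # 03: recipients must not be able to release malware from quarantine
        if ("$($Policy.QuarantineTag)" -ne 'AdminOnlyAccessPolicy') {
            $gaps.Add("QuarantineTag is $($Policy.QuarantineTag), expected AdminOnlyAccessPolicy")
        }
        # 04: admin notifications configured separately for internal and external senders
        foreach ($scope in 'Internal', 'External') {
            $enabled = $Policy."Enable${scope}SenderAdminNotifications"
            $address = $Policy."${scope}SenderAdminAddress"
            if (-not $enabled -or [string]::IsNullOrWhiteSpace($address)) {
                $gaps.Add("$scope sender admin notification is not configured")
            }
        }
        [pscustomobject]@{ Policy = $Policy.Name; Compliant = ($gaps.Count -eq 0); Gaps = $gaps -join '; ' }
    }
}

# Constructed sample objects (not exported from any tenant): one untuned, one tuned.
$samples = @(
    [pscustomobject]@{
        Name = 'Sample-Untuned'; EnableFileFilter = $false; FileTypeAction = 'Reject'
        ZapEnabled = $false; QuarantineTag = 'AdminOnlyAccessPolicy'
        EnableInternalSenderAdminNotifications = $false; InternalSenderAdminAddress = $null
        EnableExternalSenderAdminNotifications = $false; ExternalSenderAdminAddress = $null
    }
    [pscustomobject]@{
        Name = 'Sample-Tuned'; EnableFileFilter = $true; FileTypeAction = 'Quarantine'
        ZapEnabled = $true; QuarantineTag = 'AdminOnlyAccessPolicy'
        EnableInternalSenderAdminNotifications = $true; InternalSenderAdminAddress = 'security@yourcompany.com'
        EnableExternalSenderAdminNotifications = $true; ExternalSenderAdminAddress = 'security@yourcompany.com'
    }
)
$samples | Test-MalwareFilterPolicy | Format-List
# In a connected Exchange Online session, audit the real tenant with:
# Get-MalwareFilterPolicy | Test-MalwareFilterPolicy
```

Item 05 is not covered here because group scoping lives on the separate MalwareFilterRule objects rather than on the policy.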
Bottom Line

Anti-malware policies in Defender for Office 365 are not set-and-forget. They require deliberate configuration, regular review, and testing. If you haven't audited yours recently — now is a good time. Happy to walk through your current setup. Drop a message or contact us directly.

Microsoft Defender · Defender for Office 365 · Email Security · Anti-Malware · Zero-Hour Auto Purge · Australian Cybersecurity · M365

Tools & Downloads

Practical resources to help you improve your security posture — available to the community, free of charge.

📄
Essential Eight Self-Assessment Checklist
Assess your maturity against ACSC's Essential Eight controls.
Free Download →
☁️
Azure Security Baseline Checklist
100+ controls mapped to Microsoft's cloud security benchmark.
XLSX Download
🎭
Phishing Awareness Poster Pack
Print-ready A3 posters — practical tips your staff will actually read.
ZIP Download
🗺️
Incident Response Playbook Template
Customisable IR playbook covering the most common threat scenarios.
DOCX Download
🏛️
ACSC — Australian Cyber Security Centre
Australia's primary source of cyber threat advice and guidance.
External Link
🪟
Microsoft Security Hub
Official Microsoft security products, docs, and threat intelligence.
External Link

Let's Secure Your Organisation

Ready to strengthen your defences? Send us a message and we'll be in touch within one business day.

📧
Email
admin@cyberharmony.au
📍
Location
Australia
🕐
Response Time
Within 1 Business Day
🚨
Incident Hotline
Available 24/7 for active incidents