Avantgard - Active Cyber Defence
Avantgard is an Australian company providing cyber defence services to Australian & NZ critical infrastructure and government
Our Services

Active Cyber Defence
Avantgard provides active cyber defence services developing campaigns to proactively protect our clients from cyber attack. Active cyber defence employs cyber intelligence, deception and active threat hunting to detect malicious activity sooner and more reliably than is possible with passive defence. Avantgard draws together leading Australian & International capability in Active Cyber Defence. Our work is done in the context of our national laws and of each client’s unique “regulatory universe”.
Request a consultation today.
Click to details
How does Active Cyber Defence work?
We survey our client’s online presence from an attacker perspective, then plant tempting deceptive elements where attackers will look. These deceptive resources are irresistible to attackers who are led to traps where their activity is recorded while the defender is alerted.
The defender gets these benefits:
- Enhanced cyber resilience – you know exactly what your attackers are doing and what tools they are using against you from day to day;
- Assurance that breaches will be detected quickly;
- Zero false positives reduces staff workload;
- Detection of even previously unknown malware;
- Works even in unhygienic environments with legacy infrastructure
What is Passive Cyber Defence?
Passive cyber defence relies on conventional cyber security practices such as network hygiene, firewalls, virus filters, good user behaviour etc. By itself, passive cyber defence has proven to be ineffective against sophisticated attacks.
Active Cyber Defence vs Cyber Offence!
Active Cyber Defence excludes offensive cyber actions which are the sole domain of authorised government agencies.

TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately. TrapX’s customer base includes over 300 Forbes Global 2000 commercial and government customers worldwide.
Avantgard represents TrapX in Australia and NZ.

Cylus was founded to help mainline and urban railway companies avoid safety incidents and service disruptions caused by cyber-attacks. Cylus offers solutions that are specifically designed to address the unique requirements and needs of the railway industry, enabling to detect cyber threats in signalling and control networks, trackside and onboard, facilitating an effective response before harm happens. Led by veterans from the Israel Defense Forces’ Elite Technological Unit together with top executives from the railway industry, Cylus combines deep expertise in cybersecurity and rail.
Avantgard represents Cylus in Australia and NZ
Who We Are

Andrew Cox
Founder & CEO

Andrey Shirben
Founder

Yoav (Joe) Saar (Lt. Colonel Retired)
Founder
Resources
CylusOne Cybersecurity for rail Signaling
CylusOne provides a complete and real-time view of the entire network with detailed information that covers all levels; from the network’s entire topology down to the granular level of each and every asset, including trackside devices, interlockings, management workstations and more.
TrapX WhitePaper - Simplifying Adoption MITRE ATT&CK with Deception
Deception takes a fundamentally different approach to cybersecurity, and offers unique benefits for those looking for insight to support ATT&CK prioritization. Unlike other security controls, deception draws the attacker in. The moment an attacker interacts with a trap, they reveal themselves and their tactics, techniques, and procedures.
ACDA Whitepaper - How to Respond to a Cyber Crisis
Active response uses cyber deception, negotiation and dark web intelligence to extract intelligence from the attacker, shape attacker behaviour and assure eradication. Such an intelligence led approach provides better outcomes with greater assurance of recovery and lowered risk of repeat attacks
Medical Device Hijacking Medjack.4
TrapX Investigative Report – Over the last six months, TrapX Labs conducted the world’s first counter-intelligence cyber-deception operation by creating a fake hospital network and disseminating VPN credentials for it in the Darknet. Extensive data was collected on threat actors targeting healthcare providers and unearthed several cases of MEDJACKING
White Paper - Assertive Cyber Security - Avantgard
The deception strategy assumes that a proficient hacking team will find a way in, often through just one machine, network share or database. They will then begin to move laterally to explore the environment, looking for the valuable assets.
If network shares can be set up that are in every sense genuine, and are linked and ‘breadcrumbed’ across the network, but in fact only exist to be visited by hackers, we have the potential for an irresistible decoy trap.
Contact us
Have a question? Want to talk to us?
Blog
More transparent threat intelligence sharing on cyber attacks will be critical to our success in cyber defence. We can see US grappling with this in the wake of the SolarWinds breach but Australia must address this too. The rationa… https://t.co/81B0kLEuCw
Read MoreThis chilling and disturbingly convincing analysis from Charlie Lyons Jones proposes that "Under Xi, the CCP has proven all too willing to incorporate aspects of Hitlerian national socialism into its mode of governance. Carl Schmit… https://t.co/YotDzSdZwY
Read More" .... paraphrasing Sean Connery from one of his movie roles ... the cyber security controls mandated by this bill .... are like bringing a knife to a gunfight." Thanks to lead author @JohnPowell_JP and the Active Cyber Defence Alliance Strategy Group for…
Read MoreNIST now recommends cyber deception and other active cyber defence practices when defending against APTs. "This strategy recognizes that, despite the best protection measures implemented by organizations, the APT may find ways to b… https://t.co/fY6YaMGgdt
Read MoreA key finding here is the importance of an active cyber defence. For "proactive threat intelligence" include dark web scanning and cyber deception tools, in "interactive readiness planning" include a skilled ransom negotiator. "Par… https://t.co/mpa0e66qkC
Read MoreAs a supporter of active cyber defence it's good to see effective lawful countermeasures in action. #activecyberdefence
Read MoreHow should you negotiate with ransomware extortionists? This compelling panel discussion is hosted by my friend Gadi Evron. It is my view that communication with ransomware adversaries is an essential element of an active cyber res… https://t.co/3QHFkhRwCr
Read MoreSeems to me Google is behaving just like China towards Australia. They’re bullying us because they’re terrified everyone else might follow our lead.
Read MoreI hadn't fully appreciated how strategic Taiwan is to the world's information economy. "Taiwan is at least as important for the semiconductor industry today as the Middle East was for the oil industry for a long time. U.S. industry… https://t.co/1pXPgjbHWb
Read MoreGreat work by our partners at OP Innovate.
Read More