elttam is a boutique Australian IT security firm that provides independent and specialised IT security services.

About us

At elttam, we strive to provide simple, approachable and quality-driven IT security services to our customers.

We are a dedicated team of security professionals with decades of experience. We believe that security should be customised and tailored to your needs. First we listen, then design and offer a solution that's right for you.

Our team contributes to the community by performing research and development - we regularly publish materials, present at industry events, organise security seminars and sit on program review committees of respected conferences.

Contact us to receive more information about our services or get a free quote.

Why elttam?

A team with an established reputation and over a decade of experience

Tailored security services to fit any project or business

Providing services to global software companies and ASX listed enterprises

Made in Australia!

Our services

elttam offers a variety of security services, please explore our offerings below.


Maturity Health Check

I don't know where to start and have a limited budget

"Security" is a broad term. In reality it's a very complicated ecosystem consisting of people, processes and technologies. When it come to security assessments, many companies do not know where to start and how to use their budget wisely.

Our Maturity Health Check service empowers you to understand your overall security posture, which we then leverage to provide a roadmap for maturing your security in a practical and cost-effective way.


Secure Development

I want to embed security within my development lifecycle and automate the identification of common vulnerabilities.

Application security is often tackled in a backwards fashion - penetration testing is performed as the application is ready for production deployment, vulnerabilities are uncovered and are either hastily patched or become accepted risks. Security then becomes an expensive bandaid without ever getting to the root of the problems.

Our Secure Software Development service aims to build security into your software development lifecycle.


Proactive Baseline Assessment

I want a regular assessment of my Internet presence and get notified only for valid security issues.

Maintaining healthy perimeter security and tracking potential information leaks and threats can prove challenging for many and can often be neglected. Threats against low-hanging fruit on perimeters is a prime target for both opportunistic and targeted attackers.

Our Proactive Baseline Assessment service provides a regular review of your Internet presence, tracks deviations to your acceptable baseline and notifies you as new and valid vulnerabilities emerge with relevant guidance.


Code Review

I want an in-depth security audit of my code-base to identify critical vulnerabilities before software release.

Current approaches to security testing can lack a holistic view of protecting your business. Traditional methods such as blackbox penetration testing are a blind approach to security; while useful for assessing perimeter and deployment defences, they can miss major security vulnerabilities and weaknesses within your systems.

elttam is proud to be first in its class, providing code review services to businesses in Australia and abroad. With access to the source, elttam provides in-depth analysis of vulnerabilities, root causes, and offers solid remediation advice that addresses security right at the core of your systems.


Threat Modelling

I want a thorough review of the threats against my application, network or business.

Security attacks are constantly evolving. Security managers have found it difficult to keep up with latest attacks and it therefore becomes difficult to create a realistic threat model for an application or a business. A threat model is a foundation for understanding, tracking and establishing a successful threat management program.

By leveraging years of threat modelling experience, elttam provides a measured and pragmatic approach to assess your threat landscape then provide guidance for managing security threats.

Our threat models provide a detailed view of your threat landscape. We work closely with stakeholders to discuss and understand threats and to prepare tactical and strategic threat management recommendations.


Penetration Testing

I want a high-quality security test, with a practical and cost-effective remediation plan.

As many in the industry would agree, Penetration testing is limited to the allocated time and scope and there is no penetration testing project that can discover all possible vulnerabilities. Therefore the experience of the security tester becomes crucial for timely identification of security issues, prioritising the coverage of testing and communicating the results effectively and clearly.

At elttam, your penetration testing project is delivered by a reputable team of security professionals who have decades of experience delivering security assessments. We assist you to uncover the real needs and set tangible objectives for your security assessment project. We then guide you through every identified security vulnerability and make sure our remediation guidance is clear and achievable.

Our team

At elttam, each partner brings over a decade of experience in security testing, and actively perform and publish the results of our security research.


Pedram Hayati

Pedram specialises in applied security research, security testing and training. He has a PhD in CompSci and over a decade of experience in the technical security space.

He has conducted research in deceptive defense systems, cloud security & spambots. He has presented at well-known conferences and his works have been featured in international press.


Matt Jones

Matt specialises in threat modeling, code review and data analysis. He has over a decade of industry experience in both offensive and defensive roles.

He has presented research and published popular tools in the areas of data mining, defense-in-depth and vulnerability discovery at well-known conferences.


Daniel Hodson

Daniel specialises in code review, penetration testing and developer education. He has over a decade of professional experience in offensive security roles.

He has presented novel technical research and also sits on the program review committee for several respected industry conferences.

Upcoming events

Come and listen to Pedram’s presentation on Security vs. UX at Sydney Testers on February 17th, 2016.

Sydney Testers
Feb 17

Matt will be presenting Threat Modelling 101 at Secure Development Melbourne February 18th, 2016.

Sec Dev Melb
Feb 18

Come and say Hi at Crikeycon on 20th February 2016 in Brisbane, Australia!

Feb 20

Our research

At elttam, performing interesting research & development is what we love to do. We regularly publish and present on our research and attend industry events.



Featured in

Contact us

Send us a message

Send us an email


PGP public key

Sydney (HQ)

Suite 1D, Level 23, 1 Farrer Place, Sydney 2000, NSW

Suite 1D, Level 23, 1 Farrer Place, Sydney

(+61) 02 8004 5952


Suite 504, 365 Little Collins Street, Melbourne 3000, Victoria

Suite 504, 365 Little Collins Street, Melbourne

(+61) 03 9005 1058