Our Company

Our Founding

elttam was founded by three partners in 2015 - each bringing extensive technical security experience in both industry and academia.

We shared a similar view which had been forming long before "cyber" was used to reference security. We saw a low standard for professional security services, recommendations which encouraged short-sighted security solutions, and a poor success record for the defenders as technology evolved to what it is today.

In response, we created elttam - an independent and specialised security firm with a technical R&D core and progressive company culture. We deliver quality security services to our customers in Australia and abroad, with an experienced and passitionate team working alongside you to address security requirements.

Our Clientelle

Clients include but are not limited to:

  • Software Giants & Growing Software Startups
  • Cloud SaaS Providers
  • Healthcare & Medical Companies
  • Financial Services & Payment Providers
  • Telecommunications & Digital Content Providers
  • Federal Government
  • Non-profit Australian Organisations
Our 7 habits

elttam team members are committed to these 7 habits:

  1. Deliver a premium outcome
  2. Do one thing and do it well
  3. Keep it simple
  4. Lead and not just follow
  5. Invest and experiment
  6. Have a healthy work & life balance
  7. Be excellent to each other

Our Team

Interested in joining our team?

See Roles


I'm a non-profit Australian organisation. Do you do pro-bono work?

Yes we do. But, there's a little catch. At the end of each of our internships, we can set you up with a trained intern to perform real world penetration testing, under the supervision of one of our mentors.

If you're interested in this and meet the requirements (Australian non-profit), please get in touch so we can talk and work out the next availability.

Do you offer internships and if so what's the go?

We certainly do! But we have limited capacity, as we want to make sure there's some decent mentoring.

Interns apply via our common job roles process as advertised. Solve the Capture-the-Flag challenge and we'll have a chat.

How can you allocate 20% or more of your team's time on Research and Development?

Our business model isn't to have everyone on back-to-back delivery. Instead we listen first, and then offer a solution which meets your needs using correctly skilled team members.

These same people tend to enjoy performing R&D, and want to work at a company which encourages curiosity and education. So we guarantee this time.

It just happens to have the nice side effect of continually improving our knowledgebase and quality of service.

I need a (PCI/XYZ/ABC) Penetration Test Performed. Help?

If you're purely seeking a compliance or penetration test checkbox, we're not the right firm for you.

We like to work together with our clients on real problems, deliver high quality results, and evolve your security.

I have a really limited budget and need a penetration test performed. Help?

It depends, we try to only focus on high-quality deliverables.

If you're a startup doing something a bit different to the norm (technically different), and are genuinely seeking a firm with more specialised skills to perform a security review - please get in touch and we may be able to offer an initial discount.

Why aren't you CREST certified?

We don't believe CREST certification is valuable to our customers or consultants. We like to help by doing things differently (and hopefully better).

Please contact us if you have any questions on data privacy or methodologies.

What do you think of the term "cyber"?

It hurts.