The Latest Red Piranha News
|
|
It’s been a busy few weeks at Red Piranha, and we’ve got plenty to share. The recent ASIC enforcement action against Fortnum Private Wealth is a timely reminder that cyber governance failures carry serious consequences. As regulatory pressure intensifies, it’s essential to reassess your organisation’s security posture, ensuring controls are not only in place but effectively enforced. Red Piranha is here to help, with the expertise, tools, and guidance you need to stay compliant and secure.
Last month, we organised a Knowledge Sprint on Automating Best Practices in M365 with Crystal Eye, where our experts demonstrated how to streamline and enforce security across Microsoft 365, Azure, and Entra ID from a single, intuitive interface, Crystal Eye. A sincere thank you to everyone who attended the session. Your continued support is key to driving better security outcomes across the ecosystem.
Don’t forget to register for the upcoming session. Please scroll down to find the details.
|
Knowledge Sprint - Securing Microservices: APIs, Containers and Beyond with DAS
|
 |
|
As organisations scale across hybrid and multi-cloud environments, traditional perimeter-based controls are no longer sufficient to prevent lateral movement or enforce granular access policies. Microsegmentation has emerged as a critical architectural component for zero trust implementation and yet most enterprises still struggle with practical deployment, policy definition, and long-term operational management.
This session introduces Crystal Eye’s Declarative Authorisation Service (DAS), which supports microsegmentation by allowing security teams to define and enforce policies at the workload level using a policy-as-code model. DAS delivers context-aware access control across containerised applications, APIs, virtual machines, and cloud-native services aligning with Gartner’s recommendations for identity-based segmentation and dynamic trust zoning.
|
|
Secure your spot today
|
Crystal Eye Platform Updates
|
Crystal Eye 5.5 is here with key stability and performance upgrades. Advanced Firewall now manages High Availability state changes more smoothly. CEASR improves API communications, update management, and interface design. Database components tighten log rotation and error handling.
The DNS Server gives clearer messages when blocking content. Events and Notifications, along with the SIEM module, now handle logs and CESOC communication more efficiently. Intrusion Detection & Protection updates default alert types and cleans up template handling in the Threat Hunt Dashboard.
M365 Policy Manager now shows richer Microsoft 365 data and better WireGuard activity reports. Risk Auditing strengthens CEASR integration, improves policy management, and handles device tags more effectively. Network Detail Report and Network Map run faster with optimised scripts. Network Settings gains Link Aggregation support. Vulnerability Scanning allows you to enter custom IPs, ranges, and subnets directly in the UI. WireGuard improves reporting to M365. The Windows Client gets better link management, cleaner logs, easier configuration handling, improved diagnostics, stronger SSO, and security updates.
XDR Reports now delivers sharper insights across the Threat Hunt Dashboard, Network Map, and Network Detail Report.
For the full rundown of Crystal Eye Release Notes, see our Forum updates below:
With the launch of Crystal Eye 5.5, version 4.5 has officially reached its End of Life. If you’re running any version older than 5.0, now is the time to upgrade. Moving to the latest release not only gives you access to major system improvements and new capabilities, but it also ensures your environment stays fully supported.
If you’re not on 5.5 yet, here’s what you’re missing:
- Link Aggregation Support
- Entra ID Management and Policy Configuration in your Crystal Eye UI
- Entra ID Single Sign-On for WireGuard VPN
- SD-WAN Monitoring
- Enhanced Risk Auditing and Policy Management in CEASR
- DAS (Declarative Authorisation Service) for Policy-as-Code granular access control and SaaS monitoring
The 5.5 release is packed with features designed to add value no matter where you are in your cybersecurity journey. Upgrading is free for all systems currently running 5.0. For help or details, reach out to support@redpiranha.net or visit the Forum (forum.redpiranha.net).
|
Service Spotlight: Threat Detection, Investigation and Response (TDIR)
|
 |
|
The rapid evolution of adversaries ranging from evasive malware to living-off-the-land techniques has rendered legacy endpoint-focused defences insufficient. As threat actors continue to bypass traditional EDR and perimeter-based controls, the imperative for organisations is clear: shift toward integrated, intelligence-driven Threat Detection, Investigation, and Response (TDIR) capabilities.
In response to this growing need, international cybersecurity authorities, including ASD’s ACSC, CISA, NSA, and FBI, have jointly published strategic guidance outlining core logging and detection best practices. These include the implementation of centralised logging, extended log retention, correlation of critical events, and policy-driven response mechanisms, all aimed at strengthening operational resilience.
Crystal Eye’s TDIR solution directly aligns with these mandates.
By delivering unified detection, investigation, and response across hybrid environments, Crystal Eye enables:
- Continuous monitoring of high-priority attack techniques and indicators of compromise
- Centralised event logging and secure, policy-bound retention
- Scalable detection rules tailored to regulatory frameworks
- Advanced analytics and threat intelligence integration
- Customisable log retention exceeding 18 months for compliance readiness
The platform’s design reflects the architectural principles recommended by global security agencies and is optimised for use across small to large enterprise environments seeking alignment with zero trust, compliance, and incident readiness goals.
To explore how Crystal Eye TDIR can support your security operations in line with industry guidance, contact us.
|
|
Learn more about TDIR
|
Red Piranha Events
|
|
Here’s a sneak peek into the event we attended recently:
SMBiT Professionals Sydney Chapter Meeting – August
Earlier this week, we attended the SMBiT Professionals Sydney Chapter Meeting, connecting with our friends and peers in the industry to discuss securing and scaling SMB environments.
It was a fantastic turnout, with engaging conversations where we showcased Red Piranha's capabilities and the role of our Crystal Eye platform in the evolving threat landscape. We also shared insights into our Offensive Security and GRC teams, highlighting how we deliver end-to-end protection and compliance for SMBs.
ECU’s CSGR Boardroom Blindspot: Cyber Risk vs Corporate Reality
Adam joined industry experts Nick George, John McMath, and Jonathan McCoy for a thought-provoking panel exploring how directors can navigate evolving risks. From threat landscapes and mitigation to cyber-related D&O insurance, the discussion dove deep into the broader business impacts of Cyber Resilience and how boards can lead the charge.
A key takeaway: directors don’t need to be cyber experts, but they do need to bring their “inquiry minds” to the table. Cyber risk is no longer confined to the IT department - it’s a strategic concern that touches every layer of governance.
Huge thanks to ECU School of Business and Law for sponsoring and facilitating the evening. Events like these are essential for spreading awareness beyond the cyber community and empowering leaders with the insight to act.
|
Subscribe
Now
|
Request a
Demo
|
Leave a
Review
|
|
|
|
Questions?
|
|
Get in touch. If you have any questions, comments or feedback regarding our ongoing programs, products or services, please submit them to support@redpiranha.net or head to our forum at https://forum.redpiranha.net/.
|
|
**Terms and conditions apply!
Contact your business development manager to receive a copy of the terms and conditions.
|
|
|
|
|
Copyright 2025 – Red Piranha - All Rights Reserved
|
|
|
|
|
