New: MalwareZoo - private malware repository.
Learn more

Assess and improve your CTI and SecOps capabilities.

Cosive are Cyber Threat Intelligence & Security Operations experts with decades of specialised consulting, engineering, and managed security platforms experience.

Talk to us
  • I am a
    _________
  • and I'm interested in
    _________
Explore our capabilities

Our security products

All the benefits of MISP with the convenience of SaaS. CloudMISP is a ready-to-use MISP instance in the cloud, managed for you by a team of security experts with battle-tested MISP experience.

More information

Cosive’s SaaS malware repository, MalwareZoo, is powered by Assemblyline 4 and for teams who want to automatically analyse and safely store sensitive malware on a private, segregated system.

More information

Prevents financial fraud by detecting when attackers try to manipulate your customers’ and staff web browsers, including when malware changes what the user sees.

More information

About
Cosive

Founded in 2015 and based across Australia and New Zealand, the Cosive team are globally recognised practitioners, consultants, trainers and speakers in the field of Cyber Threat Intelligence and Security Operations.

More about us

Cosive Launches MalwareZoo

Cosive’s SaaS malware repository, MalwareZoo, is powered by Assemblyline 4 and built for teams who want to automatically analyse and safely store sensitive malware on a private, segregated system.

Learn more

Our clients

We have deep domain expertise in sectors facing the most serious cyber threats, from government, to critical infrastructure, to financial services.

Financial Services

Cosive has been trusted to deliver successful cybersecurity projects for many of Australia and New Zealand's major banks, including members of the "Big Four". We thrive on bringing our technical and domain expertise to bear on the kinds of large-scale security challenges faced by organisations in the financial services sector.

Government

We work with government bodies at all levels (federal, state, and local) to enhance their cybersecurity posture, build resilience against evolving threats, and contribute to the overall safety and stability of Australia and New Zealand's digital ecosystem.

Critical Infrastructure

We improve the ability of critical infrastructure providers(including energy, mining, transport and logistics) to protect themselves from cyber threats and ensure the uninterrupted operation of services.

SMBs & Enterprise

We draw upon our extensive engineering capabilities to tackle the distinct cybersecurity challenges faced by both SMBs and Enterprise organisations, including limited resourcing, dynamic compliance requirements, and the critical imperative to safeguard customer data.

Our leadership team

Terry MacDonald

Co-founder & Managing Director

Chris Horsley

Co-founder & CTO
Meet the Cosive team

Articles & news

Browse all articles
Security Operations

Australia’s New Gateway Security Guidance: What Leaders & SOC Teams Should Know

On 24 July 2025, the Australian Department of Home Affairs released a major update to its Protective Security Policy Framework (PSPF) as part of the Commonwealth Uplift Reforms, overhauling how government agencies secure their internet gateways. Gateways are the boundary systems controlling traffic between an organisation and the outside world. This update replaces the old Gateway Security Policy with a new, mandatory Gateway Security Standard, which sets minimum security standards that Commonwealth entities must apply for gateway capabilities. In tandem, the Australian Signals Directorate’s Cyber Security Centre (ASD’s ACSC) published updated guidance to align with the new standard and reflect modern security practices. As someone immersed in the challenges of government gateway security at Verizon for over 14 years, I believe the recent advice marks a dramatic shift in approach.

Threat Intelligence

Creating CTI Like a Journalist

I'm going to argue that as CTI analysts, we often get lost in the middle of these technical woods and forget about the ultimate purpose of threat intel: our outputs. These are commonly called threat intelligence products; the reports, alerts, or briefings we send to help others make decisions and take action. So how do we stay focused on the real purpose of CTI: producing useful, actionable outputs? Consider the lessons from an occupation we’ve had lifelong exposure to: journalism.