Blogs
Microsoft 365 Copilot Business: SMB offers and opportunities.
From July 1, Microsoft's new SMB Copilot pricing creates a bigger partner opportunity. Here's what's changed and how to turn it into more sales.
ZIRILIO
Proactive Cyber Security. Safer together.
ZIRILIO Penetration Testing: Identifying Risks Before Attackers Do
ZIRILIO is a specialised Australian cybersecurity provider that has been supporting enterprises and government agencies since 2008. With ISO 27001 certified facilities and a 24/7 Security Operations Centre, ZIRILIO delivers advanced services that include penetration testing, threat detection and incident response.
Cyber threats are evolving at a rapid pace. According to IBM’s 2025 Cost of a Data Breach Report, AI-generated phishing now accounts for 37% of all breaches involving AI. Attackers are also targeting supply chains, cloud environments and human behaviour. With the average cost of a data breach in Australia now at A$4.26 million, organisations need a proactive way to find and fix weaknesses before criminals can take advantage of them.
Request a Call
Thank you for submitting your details! A member of our team will be in touch soon.
Solution Offerings
Penetration Testing
Performed to evaluate & assess IT infrastructure, network, web applications and mobile devices, to find weaknesses that could be exploited by an attacker.
ZIRILIO Managed Security Operations Centre (ZSOC)
ZSOC combines advanced software with highly trained, Australia-based cybersecurity engineers who watch over your network. ZSOC can scale from basic monitoring of a few devices to a fully managed security solution supporting massive networks.
Incident Response
ZIRILIO’s model is transparent and easy to understand. Working on a retainer-based model, ZIRILIO provides our customers quick responses when we are notified of a suspected breach, including malware, unauthorised access to your systems, unauthorised payments and data loss or theft, to name a few.
Crayon and ZIRILIO are better together
The addition of ZIRILIO to the Crayon cybersecurity solutions portfolio provides partners with the opportunity to instantly expand and enhance security services, and offer 24x7x365 security monitoring and incident response services to customers. ZIRILIO’s Security Operations Centre (SOC) integrates industry leading technology with the experience and knowledge of our cyber-security team to protect organizations against cyber-threats.
The ZIRILIO SOC is a platform where information systems such as websites, databases, endpoints, and data centers are monitored, assessed, and protected. The SOC aggregates and correlates data from ZIRILIO’s security solutions and the customers’ existing solutions, providing a unified view of their security posture.
ZIRILIO’s well-renowned 24×7 Security Operations Centre and high-end Managed Security Services have all data region-locked in ISO 27001-certified data centers, located in Sydney Australia are SOC2+ certified.
ZIRILIO Partner Program
In partnership with Crayon, ZIRILIO provides penetration testing that safely simulates real-world attacks to uncover vulnerabilities. These controlled tests go much deeper than automated scans, providing a clear view of where systems are exposed and how attackers might gain access. Each test concludes with tailored recommendations to strengthen defences and reduce risk.
ZIRILIO’s penetration testing covers every layer of an organisation’s environment:
- Web applications: Uncovering flaws in online platforms that could expose data.
- Mobile applications: Assessing the security of mobile apps across all devices.
- Network infrastructure: Evaluating the resilience of servers, routers and firewalls.
- Wireless environments: Securing Wi-Fi networks against unauthorised access.
- Physical security: Testing the protections around IT assets and facilities.
Social engineering: Measuring staff awareness and resilience to phishing attacks.
Security isn’t just about what gets tested, but how often it gets tested. ZIRILIO recommends testing web applications throughout the development cycle, before launch, and then annually. Critical systems should be tested quarterly, while social engineering assessments are most effective when run each year. Any significant system changes or newly disclosed vulnerabilities should also trigger an immediate review. This regular testing ensures businesses meet compliance requirements under frameworks such as ISO 27001, SOC 2 and CREST, while staying prepared for new and emerging threats.
By taking this proactive approach, organisations can:
- Strengthen their overall security posture.
- Validate the effectiveness of existing controls.
- Improve readiness and response to incidents.
- Safeguard sensitive data and maintain customer trust.
Penetration testing is not a one-off project, but an ongoing commitment to security. With ZIRILIO and Crayon, organisations gain the expertise and assurance needed to maintain strong, adaptive defences as cyber threats continue to evolve.
Crayon’s go to market model ensures ZIRILIO can accelerate adoption of it’s testing services and managed security solutions.
Ryan Mistry
COO, ZIRILIO
Related Resources
Blogs
Security SPD Business Case
Does the investment in Security SPD attainment stack up against the potential for partners to make a strong commercial return? Michael Brooke explores the economics in the last in this three-part series.
Blogs
Attaining a Security SPD
In the second article in our Security SPD series, Michael Brooke offers tips to help partners gain the insight track from start to finish.
Blogs
Microsoft Security SPD
In the first of a 3-part series, Michael Brooke explains why the buying signals from the market make Security SPD attainment worth a close look for partners.
Press Release
CRN Channel Chiefs Australia 2026
Crayon’s Mathew Howard named in 2026 CRN Australia Channel Chiefs list for driving partner success, innovation, and growth in ANZ IT channels.
Blogs
Copilot for All
Learn how Microsoft’s strategic Copilot for All framework combines with Crayon’s inhouse AI expertise to drive practice development and revenue growth for partners.
On Demand Webinars
Data Protection Webinar
Watch the on‑demand webinar on turning data risk into revenue. Learn how partners use data protection maturity models to drive recurring revenue and customer trust.
On Demand Webinars
Accelerate Your Security Practice with Microsoft SPD
Join our team for a business and technical deep dive into the Microsoft Security SPD and why attaining it is great for business.
Business
AvePoint Partner onboarding content
AvePoint Partner onboarding content packs are now available from Crayon to help fast track confidence and success for your team.
On Demand Webinars
Copilot Partners: Unlock your opportunities
Our latest On-Demand webinar provides a practical, execution focused walk through the full Copilot partner journey, from early adoption to advanced scenarios.
Blogs
Proving Data Protection Compliance
Fragmented data protection systems and processes create compliance proof-gaps for SMB customers. Scott Hagenus, Director, Cybersecurity here at Crayon explains.
Insights
Data Protection Resource Round-Up
Data Protection priorities are shifting for SMBs. Ramp up your ability to respond with curated insights, articles and resources to help you guide every customer conversation with confidence.
Insights
M365 Copilot Hub
All the latest insights, articles and resources on M365 Copilot, curated into one place.
Guides and eBooks
The Microsoft Fabric Partner Guide
The Microsoft Fabric Partner Guide curates our recent articles, videos and resources to accelerate Crayon partner learning.
Cloud IQ Knowledge Base
Building trust through transparency: Crayon Cloud-iQ’s approach to security
Blogs
Australia is moving rapidly to cybersecurity resilience: how Crayon is doing its part to support partners
Blogs
Cloud Security Assessments are a Growth Opportunity
Crayon cloud security assessments help partners lock down M365 and Azure environments and build profitable cybersecurity practices. Learn how.
