Barry Brailey

Head of Offensive Security Services
Barry started his career with the British Army and moved into Intelligence and security roles in 2001.
Talk to an expert
Highlights

Career highlights

Co-founder and Board Member of Information Security Awards New Zealand (iSANZ). Barry has worked in the private and public sectors in New Zealand, including helping to establish the National Cyber Security Centre (NCSC), and went on to be the deputy commissioner for the .nz domain name commission with a focus on ensuring the security and stability of .nz. Barry has worked with a vast range of Australasian customers. He is passionate about helping customers solve their security challenges and understand the cyber threat landscape.

Cyber security news

Latest advisories

Stay ahead of emerging threats with our expert blog posts, research, and industry updates.
Access Token Exposure in URL Parameters in GridTime™ 3000 GNSS Time Server - (CVE-2026-12620)
During a security engagement, Leo Diamat discovered that the GridTime 3000 GNSS Time Server web application transmitted session access tokens via URL query string parameters on multiple endpoints.
Cross-Site Scripting (XSS) Vulnerability on Several Endpoints by Utilising Cross-Site Request Forgery (CSRF) in GridTime™ 3000 GNSS Time Server - (CVE-2026-12619)
During a security engagement, Leo Diamat discovered that multiple endpoints in the GridTime 3000 GNSS Time Server web application were vulnerable to reflected Cross-Site Scripting (XSS) via an unsanitised token parameter.
PHP-FPM (PHP Source) - Stored Cross-Site Scripting (XSS) (CVE-2026-6735)
During a security engagement, Conrad Draper discovered a stored XSS vulnerability in the PHP-FPM status endpoint which was due to a lack of input sanitisation of the request URI. This affects the request URI when displaying stored content.
Discover our services

We have the tools to pinpoint risks

Whether it’s hidden vulnerabilities or patterns you might miss, we help you stay one step ahead and make confident, informed decisions. Understand how our services can help your business uncover critical risks

Talk to an expert
Employee Cyber Training & Awareness
Your people are your first line of defence. Our cyber training builds awareness and sharpens their instincts.
Advisory
When clarity is critical and stakes are high, our advisory services deliver strategic, executive-level security expertise that empowers decision-making.