Protect your people

AVA is a next-generation vulnerability scanner designed to make human security testing repeatable, measurable, and empowering.

Show me how

How AVA works

Test your organisation for human vulnerabilities in 3 simple phases.

Phase 1: Know

See how people are connected and learn how your organisation is really structured. Use information from both social platforms and internal systems to reveal trust boundaries and pathways.

Phase 2: Test

Safely inject security tests into your networks and monitor propagation in realtime. Instantly deploy automatic tests across email and social networks like Twitter, Facebook, and LinkedIn.

Phase 3: Analyse

Measure the impact of tests, identify behaviour patterns and learn the real effects of security attacks against your people. Compare results between departments and measure the effectiveness of training and awareness campaigns.


4 ways AVA helps you make human security a priority.

Visualise human risk

See how people really connect and communicate across a range of networks, technologies and channels. Safely explore the flow of information in and out of your organisation.

Customisable tests

Test over a range of channels and set up your tests to model real world risks. The lines between personal and business communication are blurring and your tests reflect this while still respecting privacy.

Repeatable & Schedulable

Run tests whenever you need to, and analyse the resulting behavior over time. Customise your tests to run at times that highlight the real working patterns of your organisation.

Make security measurable

Perform tests before and after security awareness campaigns and training to measure their results. Learn which approaches were more effective and who still needs help.


AVA in the press.

Security Software Uses Friendly Phishing to Probe Human Weaknesses That Leave Data Exposed

A tool designed to test key employees with benign phishing messages aims to reduce the risk of corporate data breaches.

MIT Technology Review | August 7, 2015

Scan PCs for Security Problems? Nope, Scan the Users

User error is a serious problem. Perhaps we should find a way to scan the user, a security expert argued at Black Hat.

PCMag Australia | August 8, 2015

Security Tool Tricks Workers Into Spilling Company Secrets

You could use AVA to evaluate the effectiveness of two different security training programs, see which employees need more training, or find places where additional security is needed.

Wired | August 11, 2015

Meet AVA, An App That Hacks Employees To Improve Security

Detecting the weakest security link on a staff usually requires hiring a team of security experts. A New Zealand-based company is now testing an application called AVA to do that job virtually.

Popular Science | August 11, 2015

Neue Software soll menschliche Risiken für IT-Systeme erkennen

Die meisten IT-Sicherheitswerkzeuge zielen auf die rein technische Sicherheit ab und lassen damit den Menschen als Risikofaktor außer Acht. SafeStack aus Neuseeland möchte das ändern.

Heise Online | August 19, 2015

AVA, um software que testa uma frequente brecha de segurança: o comportamento das pessoas

Na mais recente edição da conferência de segurança Black Hat, Laura Bell, CEO da SafeStack, resumiu bem esse cenário: “as pessoas são o caminho que oferece menos resistência [a ataques] e nós precisamos fazer algo sobre isso”.

Tecnoblog | August, 2015

Cómo saber si un 'black hacker' puede engañar a tus empleados

El objetivo de Ava es permitir a las organizaciones constatar periódicamente los patrones de conducta de sus empleados, así como las relaciones clave.

One Magazine | September 1, 2015

Sécurité : tester le facteur humain

La sécurité des systèmes d'information repose sur trois piliers, à savoir les systèmes techniques, les processus et l'humain. Les premiers sont examinés, testés, analysés, et les seconds sont audités, éprouvés, actualisés. Mais quid des utilisateurs?

LeMagIT | September 8, 2015

Send us a message or get involved in AVA