Exclusive: How Cybersecurity startup Blackveil is targetting AI-driven threats

After 20 years in the IT trenches, Adam Burns had seen enough.
Burns, the founder of New Zealand-based cybersecurity startup Blackveil, spent much of his career working for managed service providers – firms tasked with overseeing the IT infrastructure of other businesses. And time and again, he says, he witnessed companies fall victim to the same avoidable cyberattacks.
"Each time, I saw the same things going wrong," he said. "The industry was missing something critical."
Blackveil was his answer: a company with a mission to protect the "forgotten child of cybersecurity" by focusing on overlooked but essential components of digital defence.
The turning point came last year, after Burns responded to his twelfth cyberattack incident in short succession. Frustrated by the pattern, he decided to act. "I built a little application, a Python crawler, and stuck it on the internet," he explained. "It ran on the .co.nz TLD for six weeks and confirmed that over 50% of Kiwi businesses had critical gaps in their cybersecurity."
The data, drawn from public domain records, validated Burns' suspicion that weak digital hygiene – like unprotected DNS records – was leaving companies wide open to attack.
From there, Blackveil's reach grew beyond New Zealand. The team expanded their scanning to include Australian businesses and even global Fortune 500 companies. The result? Even the biggest players weren't immune.
"These aren't always advanced attacks," Burns said. "It's usually someone forgetting to change a default password, turn on multi-factor authentication, or tidy up an email record."
But the landscape is rapidly evolving, and the rise of AI-powered cyberattacks, particularly tools like Xanthorox, is escalating the threat. Burns described Xanthorox as "ChatGPT for hackers" – a platform capable of generating malware, conducting reconnaissance, and launching tailored phishing campaigns.
"You don't need technical knowledge anymore," he said. "You just talk to it in plain language. If something doesn't work, it evolves and tries something else. It's terrifying."
To counter this, Blackveil developed its own AI assistant: Buck. While it doesn't yet fix vulnerabilities directly, it acts as an intelligent guide for businesses, simplifying complex security insights into accessible language.
"You log in, scan your domain, and Buck breaks it down for you," Burns said. "You don't have to be a technical guru to understand what's wrong."
For now, Buck exists as a standalone agent, but future versions will be fully integrated into Blackveil's platform.
"Our goal is to make cybersecurity accessible," Burns explained. "We're lifting the veil – hence the name Blackveil – on a space that's been out of reach for many businesses."
The company's flagship product, Blackvault, is a domain security platform that focuses on prevention rather than reaction.
Traditional cybersecurity tools often work in a reactive way, alerting users after something has already gone wrong. Blackvault flips that model by proactively securing digital entry points – what Burns calls "shutting the front door."
According to Blackveil's internal data, aligning three critical DNS records – SPF, DKIM, and DMARC – can reduce phishing, spoofing and spam threats by up to 87%. The company promises deployment within two to four weeks for most businesses.
"For a small to medium-sized business, the return on investment is huge," Burns said. "This is one of the most cost-effective ways to secure your business."
Despite its focus on the ANZ region, Blackveil operates globally, and the remote-first company has seen growing demand abroad. Headquartered in Tauranga, the business can support international clients without needing to be onsite, although on-the-ground assistance is available in the Bay of Plenty.
Burns himself relocated from Auckland a few years ago for a slower pace of life, but remains deeply connected to the broader tech world. In addition to Blackveil, he developed KiwiCost, a side project offering real-time cost comparisons for people living in or moving to New Zealand.
"That one was just me scratching an itch," he said. "But it also helped me practice and refine the design direction for Blackveil."
His approach is anything but traditional. "Most IT companies are run by old guys in blue suits," he joked. "I wanted to bring something different – vibrant, creative and approachable."
That includes how the company communicates. On LinkedIn, Burns shares cybersecurity insights with a dose of humour and sarcasm. One of his recent posts – about seemingly mundane email security protocols – went viral, drawing over 100,000 impressions.
"People are clearly looking for plain-English guidance," he said. "And they appreciate a bit of personality."
Asked what advice he'd give businesses unsure how to prepare for the evolving threat landscape, Burns had three clear steps: train your staff, get the basics right, and monitor your systems.
"Every staff member is a risk if they don't know how to spot bad actors," he said. "Their inbox is their digital passport. If you train them properly and secure your fundamentals, 90% of attacks become impossible."
He added: "And after that, monitor everything – because DNS records can be altered by mistake, or worse."
For those in crisis, Blackveil also offers an emergency helpline – 0508 HACKED – designed to provide immediate assistance to compromised businesses.
"That line goes straight to my mobile," Burns said. "It's about being there when people need us most."
Blackvault is still evolving, with plans to become what Burns calls "the Swiss Army knife of domain security."
But his goal remains clear: "We want to make strong cybersecurity achievable for everyone," he said. "Because it's not just big companies under threat anymore – it's all of us."

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

RNZ News

4 hours ago

• RNZ News

Free cuts a 'win-win' at Mr Barber

Whether you are after a fade, slick back, perm or a buzz cut look no further - a barber training centre in the Auckland CBD is offering free trims. If you do not mind yours being the first hair the apprentice barber has ever cut, that is. Mr Barber, an NZQA approved and registered training centre, is the only barber-specific training centre in Aotearoa. Barbers-in-training are chucked straight into the deep end, practising on real people from day one. At 10am on Thursday outside Mr Barber in the Auckland CBD, the place was already buzzing. For 25 years, Aucklanders have been going to the training school for a free trim, while apprentices snip their way towards a level four certificate in commercial barbering. Danelle Higgins did her barber training at Mr Barber in 2019. Now, alongside her brother Brodie, she is running the course. "We come up from a small town called Murupara. It's all poverty and all of that stuff. I wanted to do something different, help people, get them a qual. I had it hard growing up, so I touch base with a lot of these boys." Would-be barbers complete a 12-week course covering both theory and practical skills. They are then put on placements in barbershops, where they must work 780 hours to complete the qualification. Although the job market has slowed, especially during winter, she said there is no shortage of people applying to join their crew. "We get barber shops calling us up all the time for barber students. We have a barber job page as well, [if] they have job vacancies." Clarence Morrison has just graduated from the three-month programme and is soon heading into a placement. "It was something for like an investment for me. Came from drugs, alcohol, prison sort of background, brought up in foster homes and kind of cheated my way through life. "Those things don't really last, so it's starting from scratch again and this is a good place." Morrison has cut the hair of homeless people, university students, tourists and people popping in for a short back-and-sides during their work lunch break. "It gives some hope, people that are going for a job interview and if they're unsure, you're able to give them some confidence, to be able to step into their day. "It's like [being] little ambassadors for the community." Alex Burnett completed the course with one of his mates and is now a tutor on the course. "I was sort of at a loose end a little bit after school, just doing odd jobs and stuff and I just sort of thought of it as something that would suit me and I gave it a try and never looked back." Burnett said he can have 20 conversations a day with different customers. "We've had a lot of people that have been coming through since the start, and it helps with getting people something that they need and they can get it for free. "It's a win-win, really, because these guys get to get to learn, get to practise on them." When he is not working at a barbershop up on Karangahape Road, Alex works as a part-time a tutor at the school, where he's able to give tips from his own experience. "It gets the nerves out of the way and gets them used to having real people in the chair and having proper conversations, cause it's more than just cutting. "If you've just got a mannequin, all you're doing is cutting, whereas in here, you can talk to your customers [and] you can learn about yourself." Mr Barber was the brainchild of Jacqui Spence and her barber husband Neville, who, when they moved to New Zealand from the United Kingdom, saw the need for a barber-specific course. Jacqui said 90 percent of barbers walk into jobs when they complete it. "They've come through and done something that they've been passionate about and learned a trade and gone forward. "A lot of them have gone on to open their own businesses ultimately and they've raised their family and been able to live a really good life because of it." The school operates from 9.30am to 4pm Monday to Friday, with free haircuts on offer from 10 - 12pm and 1 - 3pm.

Techday NZ

5 hours ago

• Techday NZ

JFrog & TL Consulting boost APAC software supply chain security

JFrog has announced a partnership with TL Consulting to improve enterprise software supply chain governance and security for organisations across Asia Pacific. The collaboration will allow APAC-based organisations immediate access to the JFrog Platform through TL Consulting, accompanied by a portfolio of consulting services that includes regulatory compliance, cybersecurity, risk management, development efficiency training, and cloud migration strategy planning. TL Consulting, based in Australia, specialises in cloud-native, GitHub, and Microsoft DevSecOps implementations. As a certified JFrog partner, it will offer both the JFrog Platform and related consulting to help enterprises govern and secure their business and AI-driven applications across both on-premises and cloud environments. Expanding across APAC Sunny Rao, Senior Vice President of APAC for JFrog, addressed the significance of the partnership, saying: "Partnering with TL Consulting, with its extensive APAC market expertise, excellent range of services, and deep understanding of modern cloud and data platforms, made perfect sense for furthering our growth. As the APAC market matures, especially with AI/ML advances, our combined efforts will help drive automation, security, and trusted software releases, enabling customers to build scalable, future-ready solutions that accelerate their innovation and growth." This partnership arrives amid an environment where the integration of security in software development is becoming increasingly complex. Traditional DevSecOps focuses on embedding security from the outset of the software development lifecycle, aiming to reduce vulnerabilities and ensure quality delivery. With the rise of AI, machine learning, and generative technologies, software supply chains are becoming more complicated, prompting the need for more unified development frameworks such as EveryOps. EveryOps provides a broader methodology for overseeing the modern software development lifecycle, enabling alignment of development, security, data science, and operations teams. This is relevant to the APAC region as organisations attempt to modernise their IT practices for business growth and risk management. Customer integration and support As part of the agreement, TL Consulting will be responsible for delivering the JFrog Platform to its APAC customers, alongside compliance guidance and support for supply chain security. TL Consulting's consulting services are designed to help organisations implement DevSecOps practices and navigate the growing importance of regulatory and cybersecurity considerations. Stephen Marryatt, Chief Executive Officer of TL Consulting, commented on the partnership's goals: "At TL Consulting, our goal is always to delight our customers with solid, new-age technologies that scale to meet their evolving business needs and digital transformation goals. Our partnership with JFrog underscores our commitment to helping customers integrate security throughout the development lifecycle and establish strong DevSecOps practices. As an accredited GitHub partner, we also see the JFrog-GitHub integration as a game-changer for streamlining workflows to make developers more efficient while strengthening security. Together with JFrog, we're delivering on our vision to help customers drive digital transformation so they remain agile and competitive in the rapidly evolving APAC market." With the partnership in place, both companies aim to provide organisations in the APAC region with tools and expertise needed to manage increasing technology complexity. The offering is expected to help accelerate secure software releases and improve team collaboration across development and operations functions. This move aligns with APAC market trends, reflecting the need for organisations to meet tougher security, governance and compliance requirements as they increase reliance on modern cloud, machine learning, and AI-powered applications.

Techday NZ

6 hours ago

• Techday NZ

Exclusive: How Cybersecurity startup Blackveil is targetting AI-driven threats

After 20 years in the IT trenches, Adam Burns had seen enough. Burns, the founder of New Zealand-based cybersecurity startup Blackveil, spent much of his career working for managed service providers – firms tasked with overseeing the IT infrastructure of other businesses. And time and again, he says, he witnessed companies fall victim to the same avoidable cyberattacks. "Each time, I saw the same things going wrong," he said. "The industry was missing something critical." Blackveil was his answer: a company with a mission to protect the "forgotten child of cybersecurity" by focusing on overlooked but essential components of digital defence. The turning point came last year, after Burns responded to his twelfth cyberattack incident in short succession. Frustrated by the pattern, he decided to act. "I built a little application, a Python crawler, and stuck it on the internet," he explained. "It ran on the . TLD for six weeks and confirmed that over 50% of Kiwi businesses had critical gaps in their cybersecurity." The data, drawn from public domain records, validated Burns' suspicion that weak digital hygiene – like unprotected DNS records – was leaving companies wide open to attack. From there, Blackveil's reach grew beyond New Zealand. The team expanded their scanning to include Australian businesses and even global Fortune 500 companies. The result? Even the biggest players weren't immune. "These aren't always advanced attacks," Burns said. "It's usually someone forgetting to change a default password, turn on multi-factor authentication, or tidy up an email record." But the landscape is rapidly evolving, and the rise of AI-powered cyberattacks, particularly tools like Xanthorox, is escalating the threat. Burns described Xanthorox as "ChatGPT for hackers" – a platform capable of generating malware, conducting reconnaissance, and launching tailored phishing campaigns. "You don't need technical knowledge anymore," he said. "You just talk to it in plain language. If something doesn't work, it evolves and tries something else. It's terrifying." To counter this, Blackveil developed its own AI assistant: Buck. While it doesn't yet fix vulnerabilities directly, it acts as an intelligent guide for businesses, simplifying complex security insights into accessible language. "You log in, scan your domain, and Buck breaks it down for you," Burns said. "You don't have to be a technical guru to understand what's wrong." For now, Buck exists as a standalone agent, but future versions will be fully integrated into Blackveil's platform. "Our goal is to make cybersecurity accessible," Burns explained. "We're lifting the veil – hence the name Blackveil – on a space that's been out of reach for many businesses." The company's flagship product, Blackvault, is a domain security platform that focuses on prevention rather than reaction. Traditional cybersecurity tools often work in a reactive way, alerting users after something has already gone wrong. Blackvault flips that model by proactively securing digital entry points – what Burns calls "shutting the front door." According to Blackveil's internal data, aligning three critical DNS records – SPF, DKIM, and DMARC – can reduce phishing, spoofing and spam threats by up to 87%. The company promises deployment within two to four weeks for most businesses. "For a small to medium-sized business, the return on investment is huge," Burns said. "This is one of the most cost-effective ways to secure your business." Despite its focus on the ANZ region, Blackveil operates globally, and the remote-first company has seen growing demand abroad. Headquartered in Tauranga, the business can support international clients without needing to be onsite, although on-the-ground assistance is available in the Bay of Plenty. Burns himself relocated from Auckland a few years ago for a slower pace of life, but remains deeply connected to the broader tech world. In addition to Blackveil, he developed KiwiCost, a side project offering real-time cost comparisons for people living in or moving to New Zealand. "That one was just me scratching an itch," he said. "But it also helped me practice and refine the design direction for Blackveil." His approach is anything but traditional. "Most IT companies are run by old guys in blue suits," he joked. "I wanted to bring something different – vibrant, creative and approachable." That includes how the company communicates. On LinkedIn, Burns shares cybersecurity insights with a dose of humour and sarcasm. One of his recent posts – about seemingly mundane email security protocols – went viral, drawing over 100,000 impressions. "People are clearly looking for plain-English guidance," he said. "And they appreciate a bit of personality." Asked what advice he'd give businesses unsure how to prepare for the evolving threat landscape, Burns had three clear steps: train your staff, get the basics right, and monitor your systems. "Every staff member is a risk if they don't know how to spot bad actors," he said. "Their inbox is their digital passport. If you train them properly and secure your fundamentals, 90% of attacks become impossible." He added: "And after that, monitor everything – because DNS records can be altered by mistake, or worse." For those in crisis, Blackveil also offers an emergency helpline – 0508 HACKED – designed to provide immediate assistance to compromised businesses. "That line goes straight to my mobile," Burns said. "It's about being there when people need us most." Blackvault is still evolving, with plans to become what Burns calls "the Swiss Army knife of domain security." But his goal remains clear: "We want to make strong cybersecurity achievable for everyone," he said. "Because it's not just big companies under threat anymore – it's all of us."