About Enact Cyber

We don't delve.
We enact.

Enact Cyber is a compliance methodology being built on one principle — evidence is gathered before any conclusion is written. This is not a philosophy we aspire to. It is a technical constraint we have proven in practice.

Why this exists

Compliance has become theatre. The methodology is the response.

Across the industry, the same pattern repeats: a consultant arrives, a template is opened, a report is produced. The evidence — if it is gathered at all — is collected to fit conclusions that were already written.

Enact Cyber was founded on a different principle: an AI system cannot write a conclusion before a human auditor has gathered the evidence. This is enforced by the architecture — not just intended by policy.

The methodology has been proven in practice — starting with an Essential Eight ML2 audit environment built from first principles using live PowerShell interrogation against a real Windows Server domain. Three verified findings. All evidence meeting the ASD Assessment Process Guide standard for good evidence. No templates. No hallucination possible.

Evidence before conclusion. Always.

Every finding must trace to a specific, gathered artefact. The pipeline is designed so this is structurally enforced — not just intended.

Technical and compliance.

Understanding a control requires understanding the system it sits on. The methodology bridges both — rigorous in compliance language, precise in technical execution.

Building in public.

Enact Cyber is being built transparently. The research is documented. The tools are published. The methodology is demonstrated before it is sold.

The founder

Ten years making sure nothing fell through the cracks. Now building the systems that close them.

Sam Sultan

Founder & Methodology Architect

Diploma — Advanced Networking & Cyber Security, TAFE NSW
Certificate IV in Cyber Security
CompTIA A+ & Server+ (in progress)
Microsoft Datacentre Essentials Scholar
ABN 89 018 036 700

“I spent ten years making sure nothing fell through the cracks. Now I'm building the skills to protect the systems those cracks could break.”

Before Enact Cyber, Sam Sultan spent over a decade working in environments where documentation accuracy was not optional and evidence trails were not a compliance formality; they were the job. That work included conducting background screenings and privacy consent audits at 100% accuracy under strict SLAs, and managing chain of custody for sensitive medical specimens under data integrity requirements mirroring those of a data centre.

That discipline — gather the evidence, document it precisely, trace every conclusion to its source — is the same discipline that genuine compliance demands. Enact Cyber is the formalisation of that discipline into a methodology, now being built into a technical practice.

Sam is completing a Diploma in Advanced Networking and Cyber Security at TAFE NSW, independently building Essential Eight audit tooling and training environments, and developing the evidence-first pipeline that Enact Cyber's methodology runs on.

Where we are right now — stated honestly

Enact Cyber is an early-stage practice with a live methodology, published research, and a registered ABN. Sam is not yet an ASD-certified auditor — that credential is actively being pursued. Current work is scoped to Essential Eight gap assessments and advisory appropriate to this stage. All scope is communicated honestly before any engagement begins. If we are not the right fit, we will say so.

Proof of methodology

The methodology is not theoretical. It has been demonstrated.

The OzCorp E8 Audit Lab is an independently built Essential Eight ML2 audit environment — Windows Server 2022 domain controller, Active Directory, open source GPO tooling, and a custom PowerShell audit script that interrogates live system state.

Three verified ML2 findings. All evidence meeting the ASD Assessment Process Guide standard for good evidence. Built entirely from public ACSC sources.

01

Macro Runtime Scan Scope

ML2 Gap — Verified

MacroRuntimeScanScope = 0 — AMSI scanning disabled. Verified via registry interrogation.

02

Application Hardening

ML2 Gap — Verified

IE11 State: Enabled — deprecated browser active. Verified via feature state query.

03

Privileged Access Management

ML2 Gap — Verified

svc.legacy — Domain Admin inactive 45+ days. Verified via Active Directory query.

The methodology

The philosophy above is only credible because of the process behind it.

Five steps. Evidence first. Secure local processing. Human-verified output. The methodology page explains how each step is enforced — not just intended.

Five steps. No shortcuts.

Work with us

If you want compliance that is actually enacted, let's talk.

Every engagement starts with an honest conversation about what you need and whether we are the right fit to deliver it.