Security Testing

Security Testing

Cyber Security Testing

Ethical Security Testing

'CESG / Check' IT Health Check


> Strengthen your position in the cyber arms race by identifying risk

> Validate, secure and optimise your security and services

> Discover the holes before they do


Security experts advise on the latest information security threats that businesses face.

Build a robust security strategy to mitigate risk.


 

> Trusted security advisors to thousands of clients

> Get started right away without the need to hire a security testing team or install expensive hardware or software.

> Start small and quickly scale to hundreds of apps.

> Identify vulnerabilities in web, mobile, and thick-client applications.
  



If you are currently running vulnerability scanning tools yourself, then you know, at first-hand, how much time and effort is required for this repetitive task. Managed services can remove that onerous task, freeing you up to focus on higher-value activity. 
Consultants work through your scanning results and validate these to provide you with genuine issues only by removing false positives. 


Why do I need security testing services?


Effectiveness – do the security mechanisms effectively defend against the attacks they were designed to prevent?

Accuracy – do your existing security systems produce any false positives?

Performance – do the security mechanisms pass an acceptable amount of traffic?

Compliance - are you testing your security systems frequently, inline with compliance mandates?









> Penetration Testing



> Known Vulnerability Testing



> Social Engineering



> On-going Automated Vulnerability Assessments


> External & Internal Network Scanning


> PCI ASV Compliant

   

> Ad hoc or pre-programmed

  

> Regular Scans


> Highly Granular Scanning



> Denial of Service (DDoS) Attack Testing




> Web Application Scanning


> Web Application Architecture Reviews




> Application Code Reviews



> Infrastructure and Architecture Security Reviews


RAS (Reliability, availability, and serviceability)



> Mobile Device Testing



> Compliance Testing



  • Compliance, Risk and Audit
  • PCI ASV Testing
  • PCI ASV accredited, enterprise grade scanning platform and methodology Test for OWASP Top 10 and other advanced web application layer testing, including point of sale software.
  • PCI QSA Audits and Consultancy
  • ISO27001 Implementation
  • GSX CoCo testing
  • Third Party Risk Assessments
  • IS&T Operational Health Checks
  • Best Practice Advice



  • Firewall / VPN Testing & Rule Base Audit
  • Remote Network Access Systems
  • Intrusion Prevention Systems (IPS)
  • VPN gateways
  • Databases
  • IPv6 device identification
  • Operating System
  • Network Devices
  • Client Security Testing (kiosks, workstations, laptops, mobile devices)


> Encrypted Traffic




> Data Leakage Testing


> Line Rate Testing



> Wireless 802.11x Assessments & Rogue Access


> VoIP Assessments and Security



> SCADA Process Control Audits



> War-Dialling


Voice lines, including modems, fax machines, voice mail boxes, PBXs, and VOIP systems.



> eMail Server Deployments



> Phishing Test Simulation


Allows you to test the effectiveness of your security awareness training program, or lay the foundation for creating one.


 

Security Accreditation's

> UK Government CESG CHECK scheme


> PCI Security Standards Council 



Security Analysts to hold the SANS GIAC GCIA (GIAC Certified Intrusion Analyst) certification. 
Teams also hold a variety of security industry and product certifications such as CISSP, CCNA, CCSP, CCSE, CCSA, MCSE, etc.
  • CHECK, CREST and PCI accredited
  • We possess CHECK (Green) status - highest level of assurance
  • CTAS accredited
  • CPA accredited
  • Cyber Essentials certifier
  • CREST STAR provider
  • CBEST Approved Penetration Testing provider




Also See


> Cyber Incident Response

> Security Awareness Workshops

  • Secure Coding Workshop
  • Social Engineering Workshop
  • PCI DSS Workshops
  • Information security workshops

> IT CISO / Security Manager

  • Interim CISO/IT Security Manager
  • Mentoring of existing team
  • Compliance with PCI requirements
  • Fill skill gaps in your current team

> Computer Forensics and Incident Response

  • Forensics Analysis
  • Security Incident & Response Management
  • Secure Data Recovery & File Password Cracking