Our services

We can walk you through the certification process if you’re unsure of what is required of you or we can provide you access to the portal to self certify, if your organisation is mature and requires less assistance.

We will test your organisation as part of the plus scheme.

​

About our testing services

​

Our testing services are tailored to the organisation, and at the onset we are ensuring that the testing you are seeking is actually what you need to assist you assess your risk.

​

Types of testing provided

​

We provide a wide range of testing services (see each link for details of that testing).

• Penetration Testing

• Web Application Testing

• Wireless Testing

• Mobile Application Testing

• Phishing Testing

• Red Team Testing

​

The testing roadmap

This section outlines how we manage a testing activity with a client:

Once we have exchanged Non Disclosure Agreements (NDAs) we start with a scoping call to allow us to introduce the testers and other support staff that may be working on your test.

We then ask you to explain what you want from the test and where it fits into your overall security management.

We will ask about previous testing you may have conducted and about the impact and remediation steps you have taken since.

We will develop a bespoke test plan around your requirements leveraging good/best practice industry guidelines and standards like CSA(CCM),  MAST, OWASP.

We will arrange dates and times for the testing activity and agree the timeline for report and debrief delivery.

During testing we will keep you informed on a regular basis on the progress and we will contact you if we discover an urgent issue like a critical vulnerability or evidence of the exploitation of a vulnerability (aka a breach).  We will advise you when the testing phase is complete and we will conduct a hot wash-up.  We will then draft the report and presentation materials for your staff.

We will deliver (not by email) your report and debrief materials.  We will include executive summaries and action plans to assist you in the remediation of the issues we identified.  We will conduct a debrief at a mutually convenient date/time.

If your accounts department is on the ball and pays their invoice within 15 days, we offer a retest of any medium or above finding and an up-issue of the report to confirm that the finding is closed.

We will follow up with you 3 months after the completion of the testing to ensure you are progressing the remediation activity.

We contact you 5 months after the completion of the testing as we will be destroying all data (scan results and reports etc) from the testing at the 6 month point (you can request that we retain this data for longer if you are planning additional support from us).