TESTING services

types  of testing

Our testing services are focused in four main areas

Vulnerability Assessments

A Vulnerability Assessment provides a cost-effective, high-level overview of potential security weaknesses, and is often the starting point for organisations implementing a testing programme for the first time.

An automated scan of your internal and/or Internet-facing infrastructure is conducted, quickly identifying known vulnerabilities that may be present.  This typically highlights out of date operating systems in use, missing operating system patches, out of date or unpatched software, configuration issues and many other cyber-security weaknesses that may be very easily exploited by malware or an attacker.

Automated vulnerability assessments allow us to provide immediate feedback on the vulnerabilities that are present in order that you can start to address issues as quickly as possible.

Automated vulnerability assessments are normally a starting point; some vulnerabilities would only be identified by manual testing, which is described in the following sections.

External Network Penetration Testing

Penetration testing, also referred to as pen-testing or ‘ethical hacking’ expands upon the scope of a vulnerability assessment and involves an authorised attempt to gain access to the systems, applications (desktop, web and mobile) and their data.

During the pentest, experienced testers imitate elements of a real cyber-attack where they search for vulnerabilities and identify ways that they could be exploited by those with more malicious intentions.

Ensuring your network perimeter is resilient to Internet-based threats is your first line of defence against both attackers and malware, that may target the network services that your organisation exposes on the Internet.

 An external penetration identifies vulnerabilities that could be exploited by an Internet-based attacker, and evaluates the risk of this occurring using the same techniques that would be used in a real-life cyber-attack.

Internal Network Penetration Testing

Internal vulnerabilities may exist and can be exploited where the external network has already been compromised, or a foothold has been gained via other techniques such as phishing emails. 
An internal pentest will provide you with a full picture of the vulnerabilities that are present, and how they could be exploited by a malicious user or malware. Our accredited penetration testers are experienced in identifying types of vulnerabilities and how they may be exploited.

Website / Web Application Testing

Your website is a window into your business for your clients and potential customers.  Many organisations also run web applications which allow clients to access services provided by you online.  In both cases, it’s critical that your website and web-based applications are secure, and do not put your clients, or your reputation at risk.

Cyber-attacks against websites and web applications frequently lead to data breaches.  Many are automated, and not aimed at a specific target, but the motives behind targeted website attacks can be simply to take your website offline, or to gain access to systems and databases containing sensitive information.

Undertaking a penetration test of your website and any web-based applications identifies vulnerabilities that are present, and which may be exploited resulting in downtime or ultimately unauthorised access to data.

Our testing team are experienced at identifying vulnerabilities in your website or application, allowing you to apply effective security measures to reduce the risk of a security breach.

more services

more Services

Looking for something else?

cybersecurity awareness

A huge part of cyberscurity management is education for business owners, executives and your team.  This is a key deliverable for customers who choose our Cybersecurity Adviser Service, but we can also provide awareness programmes on a standalone basis.

Our awareness programmes will help you educate your entire team, from executive level  down, through appropriate and tailored delivery content and methods.

Tailored Consulting

Need help for a specific project or event? Our tailored consulting is always available on a day-rate basis.

Whether it’s technology assessment, evaluation of cyber insurance policies, deciding on a formal security framework, or just some general advice, we’re here to help.

data protection - GDPR

GDPR (the General Data Protection Regulation) has some very specific requirements around Data Security, check the ICO advice here for a great guide to what you should be thinking about.

Our team can help you with many aspects of GDPR including:

  • Programme Planning
  • Executive Awareness
  • Staff Awareness
  • Data Discovery
  • Impact Assesments
  • Incident response and reporting
  • Data Protection Officers

 

CyberScale LTD • Company no. 04493885 • Registered in England

30 Cattle Market Street, Norwich, Norfolk, NR1 3DY