8th September 2017

Penetration Testing

A Penetration Test is a security test of your IT systems, servers, computers and software applications too.  It is also called an ethical hack – meaning a hack with permission of the owner of the IT systems.

Ethical Hack

Penetration Testing is an ideal way of seeing how vulnerable your business is to a hacker.  All businesses should have an annual penetration test (pen test) in the same way a car has an MoT annually.  A pen test should also be commissioned upon network configuration changes to a business.  For example new equipment, new software, an office move, or on the opening of new premises.

PCI-DSS

Businesses handling credit and debit cards are subject to the Payment Card Industry Data Security Standards (PCI-DSS) standard.  This mandates:
  • An annual penetration test
  • At least quarterly vulnerability scans

Cyber Essentials Plus

The CES Plus certification mandates an annual pen test.  Our pen testing service fully supports this, and we will liaise with your Certification Body for you.

ISO 27001

This ISO Security Standard certification also mandates an annual pen test.  Our pen testing service fully supports this, and we will liaise with your ISO auditor to explain to them the scope of what has been tested to help you achieve initial certification to this standard and re-certification annually to maintain the standard.

Our Service

The borwell cybx team has qualified penetration testers who will:
  1. Run a full pen test on your external facing (internet connected) IT systems
  2. Run a vulnerability scan on your internal IT systems
  3. Produce a report with remedial actions in clear English
  4. Retest any systems that needed addressing to prove that they have been updated
  5. Will keep in touch with you and alert you to new vulnerabilities or new ways that hackers are using

Our Reach

The borwell cybx team is UK based and can reach all businesses within 24 hours if an urgent test is needed.  We have international partners who can support businesses globally, who we sub-contract in for the on site security work.  Our team will perform the pen test element remotely. If you are interested in the penetration testing service please contact us