A Penetration Test is a security test of your IT systems, servers, computers and software applications. It is also called an ethical hack – meaning a hack with the permission of the owner of the IT systems.
Penetration Testing is an ideal way of seeing how vulnerable your business is to a hacker. All businesses should have an annual penetration test (pen test) in the same way a car has an MoT annually. A pen test should also be commissioned when a business changes its network configuration, for example new equipment, new software, an office move, or the opening of new premises.
PCI-DSS
Businesses handling credit and debit cards are subject to the Payment Card Industry Data Security Standard (PCI-DSS). This mandates:
- An annual penetration test
- At least quarterly vulnerability scans
Cyber Essentials Plus
The CES Plus certification mandates an annual pen test. Our pen testing service fully supports this, and we will liaise with your Certification Body for you.
ISO 27001
This ISO Security Standard certification also mandates an annual pen test. Our pen testing service fully supports this, and we will liaise with your ISO auditor to explain the scope of what has been tested. This helps you achieve initial certification to this standard and annual re-certification to maintain it.
Our Service
The borwell cybx team has qualified penetration testers who will:
- Run a full pen test on your external-facing (internet-connected) IT systems
- Run a vulnerability scan on your internal IT systems
- Produce a report with remedial actions in clear English
- Retest any systems that needed addressing to prove that they have been updated
- Keep in touch with you and alert you to new vulnerabilities or new methods that hackers are using