-
QINETIQ LIMITED
QinetiQ combines penetration testing and radio frequency site surveys to deliver testing of 802.11(any) based wireless networks. QinetiQ can also perform exercises to detect the presence of unauthorised devices in highly controlled environments. The wireless team has hardware and methodologies to safely test DECT, Bluetooth attacks, and Zigbee (IOT) devices.
-
QINETIQ LIMITED
QinetiQ’s infrastructure penetration testing service goes beyond vulnerability assessment by using practical but safe exploitation, to allow an organisation to explore the true business impact of identified vulnerabilities. QinetiQ’s heritage as the longest established pentest team in the UK allows the use of well-proven methodologies to safely assure client environments.
-
QINETIQ LIMITED
Lost or Stolen device review examines the impact on the organisation following the theft, loss or compromised portable device. QinetiQ will examine this risk to the business from the stored data and by authorised applications, following installation of rogue applications or jail-breaking.
-
QINETIQ LIMITED
QinetiQ’s Cyber Threat Check provides a snapshot of threats, vulnerabilities and other cyber issues for a client’s environment, providing an understanding of the cyber state and how to improve the security posture. This is framed within a wider threat intelligence picture from a variety of sources.
-
QINETIQ LIMITED
The best time to test an organisation’s resilience is before it is attacked. QinetiQ’s Purple Team Coordinated Attack Simulation is designed to team up our Red Team specialists with your Blue Team defenders to identify tools, signatures and techniques used by threat actors before they become a problem.
-
QINETIQ LIMITED
Understanding that people form the most important part of an organisation's defence, QinetiQ's SE service helps identify if your staff training and security culture have been embraced, understood and implemented. SE can be tested through spear phishing (targeted), Vishing (voice), Smishing (SMS) or in person. CHECK, CREST and Cyberscheme
-
QINETIQ LIMITED
This high assurance application and infrastructure testing by highly-experienced and security-cleared CREST and Cyber Scheme penetration security specialists QinetiQ's CHECK service has been collaboratively and proudly using trusted methodologies to safely provide the highest levels of assurance, protecting critical emergency infrastructure, response and communications systems. CHECK, CREST, Cyberscheme
-
QINETIQ LIMITED
This high assurance application and infrastructure Penetration testing by highly-experienced and security-cleared CREST and CyberScheme penetration testing security specialists. QinetiQ's CHECK service has been collaboratively and proudly using trusted methodologies to safely provide the highest levels of assurance, protecting critical emergency infrastructure, response and communications systems. CHECK, CREST, Cyberscheme
-
QINETIQ LIMITED
This high assurance application and infrastructure testing by highly-experienced, security-cleared CREST and CyberScheme penetration security specialists. QinetiQ's CHECK service was born from a defence heritage and understands the need to protect mission systems. Our trusted methodologies provide the highest levels of assurance, communicating the findings in a professional manner.
-
QINETIQ LIMITED
This high assurance application and infrastructure testing by highly-experienced and security-cleared CREST and Cyber Scheme penetration security specialists QinetiQ's CHECK service has been collaboratively and proudly using trusted methodologies to safely provide the highest levels of assurance, protecting critical emergency infrastructure, response and communications systems. CHECK, CREST, Cyberscheme
-
QINETIQ LIMITED
This high assurance application and infrastructure testing by highly-experienced, security-cleared CREST and CyberScheme penetration security specialists. QinetiQ's CHECK service has been collaboratively working with Central Government since the late 1990s, using trusted methodologies to support business needs providing the highest levels of assurance, presenting findings in a useable report.
-
QINETIQ LIMITED
Organisations recognise the importance of training, detecting and protecting against phishing attack vectors but have a hard time gauging how successful these measures are. QinetiQ's phishing service uses social engineering techniques and OSINT to craft tailored, realistic campaigns and provide telemetry on how resilient organisations are to this attack methodology.
-
QINETIQ LIMITED
OSINT is an exercise simulating the activity performed by a threat actor as a precursor to performing a targeted attack. QinetiQ's Security Specialists examine the information available in the public domain, highlighting material that is actionable, or which could be combined to create more complex cyber-attacks. CHECK, CREST and Cyberscheme
-
QINETIQ LIMITED
This high assurance application and infrastructure testing by highly-experienced, security-cleared CREST and CyberScheme penetration security specialists. QinetiQ's CHECK service has been collaboratively supporting accreditation since the late 1990s, proudly using trusted methodologies to safely provide the highest levels of assurance, protecting patient data, communicating findings in a professional manner.
-
QINETIQ LIMITED
QinetiQ will design and execute multiple attack scenarios, support by an open source intelligence gathering exercise, tailored to an organisation, while emulating the capabilities and techniques of threat actors. The Multi-Scenario, Advanced Attack Simulation service provides an organisation the opportunity to evaluate its ability to defend against real world threats.
-
QINETIQ LIMITED
QinetiQ’s unique Cyber Intrusion Exercise takes the key tradecraft elements of a red team and runs small scale exercises to identify your public information, execute a focussed test of your mail filters, and examine you network security should someone breach your perimeter. These rapid paced engagements test key defences efficiently.
-
QINETIQ LIMITED
QinetiQ’s Web Application and Web Service testing service uses a mixture of automated tools and manual testing conducted by CHECK approved specialists to examine the security of both Internet-facing and internal applications, including both browser-based and thick-client based applications, for both known OWASP vulnerabilities and vulnerabilities unique to your organisation.
-
QINETIQ LIMITED
Whether it be Microsoft’s Azure, Amazon’s AWS or another popular provider, QinetiQ can examine the security of an organisation’s cloud hosted web applications, whether they be traditionally hosts, Lambda or Azure functions, or in public or private clouds. Testing can be performed from various role perspectives to provide end-to-end coverage.
-
QINETIQ LIMITED
Examine your organisation’s Internet-facing security posture from the perspective of a remote threat actor getting ready to perform a stand-off electronic targeted attack. These exercises are used by QinetiQ’s clients to proactively examine the attack surface of the organisation, to exercise data loss protection controls, and test Intrusion detection effectiveness.
-
QINETIQ LIMITED
Cyber Maturity Review is a base level maturity assessment that delivers an understanding of your cyber maturity when assessed against (but not specifically trying to audit or achieve) specific Standard(s) and identify remediation actions to improve the maturity of your risk assessment and residual risk and threat & vulnerability management.
-
QINETIQ LIMITED
This service uses best in industry professional toolsets to perform network vulnerability assessment, before removing false-positive and contextualising the results to provide the real risk to the organisation. VA service identifies unpatched and mis-configured services, overlooked default credentials, weak passwords, and deviations from security best practice. CHECK, CREST, Cyberscheme
-
QINETIQ LIMITED
Build reviews examine a server, workstation or laptop against one or more agreed best-practice templates. Operating system patching, build configuration, and lockdown are examined, and application software installed on the system is reviewed to identity vulnerabilities or miss-configurations that could lead to a compromise of the security of the host.
-
QINETIQ LIMITED
Conducting cyber risk assessments to identify/analyse/prioritise information for cyber security risks and mitigations outcomes based on your asset/system criticality. Working with clients to ensure specific business risks are described and understood in business language. Identification and use of appropriate risk assessment methodologies and supporting tools for outcome driven results.
-
QINETIQ LIMITED
Provides fast paced and agile solutions to digital, data and cyber security threats and opportunities. Our diverse community of large corporates, SME’s and Academia produces mission led innovation by utilising advanced capabilities, disruptive ideas and collaborative ways of working. Bringing together customer focused solutions with industry experience and know-how.
-
QINETIQ LIMITED
Pro-actively examining the real-world threat posed by targeted attackers combining social engineering, physical breach and traditional cyber-attack methodologies, attack simulation exercise provides the most comprehensive practical exploration of breach simulation. Performed by highly qualified and trusted security specialists, the attack simulation exercise can safely emulate nearly any potential threat actor.
-
QINETIQ LIMITED
Cyber Business Mapping processes and defines the security architecture in terms of organisational policy, business needs and asset/system criticality. This service determines what business information exchanges are required, which should be prevented, providing a clear and direct mapping between the risks and the security controls needed to manage them.
-
QINETIQ LIMITED
Thorough and trusted device reviews of system configurations, patching and firewall rulesets, performed to identify deviations from best practice that could lead to security compromise. Identifying misconfigurations in network infrastructure such as Switches, Routers and Firewalls that could be leveraged to compromise the security of the environments these devices support.
-
QINETIQ LIMITED
Microsoft Active Directory is the heart of the Enterprise network security model often targeted by threat actors to gain control of IT assets of an organisation. Whether in support accreditation, or to give peace of mind, an Active Directory review will identify deviations from best practice in this important asset.
-
QINETIQ LIMITED
IP Telephony systems connect multiple internal environments within an organisation and have external Internet connections making them an attractive attack vector to cyber attackers attempting to gain a foothold within an environment or move laterally. Testing can examine the configuration of the handsets, servers and/or network segregation for VOIP solutions.
-
QINETIQ LIMITED
Pro-actively examining the real-world threat posed by targeted attackers by combining social engineering, physical breach and traditional cyber-attack methodologies, the AIT exercise provides the most comprehensive practical exploration of breach simulation. Performed by highly qualified and trusted security specialists, the AIT exercise can safely emulate nearly any potential threat actor.