Pentest People

Penetration Testing (PTaaS)

Penetration testing (PTaaS) of external infrastructure (incl. cloud) and internal infrastructure, including all application types (e.g. mobile and desktop) and APIs. This also includes configuration reviews of Firewalls, Servers, Endpoints and cloud instances. We offer 1x remediation check on 5 vulnerabilities FOC (internet-facing only) within 6 months of report delivery.

Features

• Penetration Testing
• Security Testing
• IT Health Check
• Red Team
• Social Engineering
• Phishing
• CREST
• Cloud Security Configuration & Breach Assessment

Benefits

• Achieve compliance
• Reduce IT risk
• Identify vulnerabilities and recommend remediation advice

£1,000 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@pentestpeople.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

157186886962040

Contact

Dan Rycroft
0330 311 0990
sales@pentestpeople.com

Planning

• Planning service: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST
  • Tigerscheme
  • Cyber Scheme

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: N/A

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 12 hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: All support given to all customers

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: ACM
• ISO/IEC 27001 accreditation date: 25/10/2018
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • CHECK
  • CREST
  • Tiger Scheme
  • Cyber Scheme

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are dedicated to fighting climate change and reducing our carbon footprint through comprehensive, evidence-based strategies and forging meaningful partnerships with external organisations, such as JustOneTree, to offset our carbon emissions effectively. Our company encompasses a multi-pronged strategy aimed at significantly lowering greenhouse gas emissions within our operations and beyond, overseen by a nominated in-house representative. This includes investing in renewable energy sources, improving energy efficiency across all our facilities, and advocating for sustainable transport solutions among our staff and stakeholders. Recognising the importance of collaboration in addressing climate change, we are also committed to working closely with relevant external organisations. As an example we work with a charity called JustOne Tree, by supporting their reforestation and afforestation efforts, we aim to offset our carbon emissions in a manner that also promotes biodiversity and supports local communities. Furthermore, we intend to engage with policymakers, industry leaders, and the wider community to advocate for environmental sustainability, pushing for the adoption of green technologies and practices that can lead to a substantial reduction in the UK's carbon footprint. Our approach is designed to not only comply with current environmental legislation but to set a benchmark for corporate responsibility in tackling climate change.

  Covid-19 recovery

  As a leading penetration testing organisation, our proposal is designed to offer a robust Covid-19 recovery strategy, prioritising the security and resilience of digital infrastructures in the wake of the pandemic. The rapid digital transformation and increased reliance on remote work have exposed vulnerabilities within IT systems, underscoring the critical need for comprehensive security assessments and enhancements. Our approach focuses on identifying and mitigating potential cyber threats that have emerged or intensified due to changes in operational models during the pandemic. By conducting thorough penetration tests, we aim to uncover weaknesses in networks, applications, and systems that could be exploited by malicious actors. This proactive measure is essential in safeguarding sensitive data and ensuring the continuity of essential services. In addition to our core penetration testing services, we are committed to promoting cybersecurity awareness and best practices. By empowering organisations with the knowledge and skills to maintain robust security measures, we contribute to a safer, more resilient digital environment post-Covid-19. Our commitment to excellence and continuous improvement positions us as a trusted partner in your organisation's journey towards a secure and resilient recovery from the pandemic's challenges.

  Tackling economic inequality

  Our organisation has a comprehensive programme designed to address systemic disparities. Recognising the multifaceted nature of economic inequality, our approach is rooted in evidence-based interventions that align with the principles of fairness, inclusivity, and sustainability. We collaborate with a number of entities to implement targeted initiatives that address the root causes of economic disparity. This includes enhancing access to quality education and lifelong learning opportunities, promoting equitable employment practices, and ensuring fair wage policies. In light of recent legislation, our programmes will prioritise support for the most vulnerable populations, including low-income families, ethnic minorities, and individuals facing barriers to employment. Our initiative also includes measures to monitor and evaluate the effectiveness of interventions, ensuring transparency and accountability in the allocation of resources and outcomes achieved. By aligning our efforts with current UK government legislation, such as the Levelling Up agenda and recent reforms to welfare and employment law, we aim to create a more equitable economic landscape. Our commitment is to deliver sustainable change, reducing economic inequality a

  Equal opportunity

  Pentest People, as an accredited Investors in People employer, are very aware of the skills gap in technology, particularly in cyber security. This, coupled with the high expectation of qualifications and experience in the field, make it extremely hard to break into cyber security roles, such as penetration testing. Pentest People pride ourselves on our graduate scheme. This gives graduates the ability to gain hands on experience in a cyber security role, straight out of university, which they may not get elsewhere. This is an intense six-month programme of online learning, coupled with hands on testing that allows consultants to gain experience and get up to speed in a real-world environment very quickly. This is along with our apprenticeship program, targeted at school leaves and young, tech hungry minds who want to get into the world of work without more years in academia. We take on graduates and apprentices on a bi-annual basis and some of our most skills, experienced consultants started with us this way. Pentest People have conducted an analysis of their workforce to identify and disparities in gender, race, age or other factors. This data is used to drive our hiring, to make sure where possible, we are able to positively influence any inequalities. This includes targets recruitment to increase representation of underrepresented groups. Alongside our graduate and apprenticeship program, Pentest People offer access to online learning platform and paid for exams. This gives our staff the ability to constantly learn new practices and achieve new levels of qualification. Pentest People promote a hybrid and remote working environment. This gives employees, who do not live in technology centres or have the ability to commute on a daily basis, the ability to work for a fast growing, forward thinking technology company.

  Wellbeing

  Pentest People are a keen advocate for improving and sustaining the physical and mental health of their employees. This is done by offering many employee benefits to try and encourage participation in activities, such as offering a corporate gym membership for employees that is paid for by the business. The corporate membership is with a local independent gym, promoting the ability to take time away from work, exercise on their lunch break and socialise with their co-workers outside of work, in a safe and health promoting environment. This also allows us to support local independent businesses. This is also coupled with vitality health insurance for employees to reward increased activity with added benefits such as free coffee, cinema tickets and corporate discounts. Pentest People have multiple mental health first aiders, that have attended a course to allow understanding in stressful situations and how best to help employees should they need support. This means that employees are trained to keep an eye out for signs of mental fatigue and work-stress, but also gives employees the ability to have someone to approach that isn’t in the management team should they feel they need it. As part of our human resources program, Pentest People also offer 24/7 access to online and phone-based therapists, giving employees the option to speak to someone outside of the workforce should they need to. In an effort to increase company wide, inter-team collaboration and relationships, Pentest People hold events on a monthly basis that give colleagues the ability to socialise and interact outside of work. Promoting relationships internally and allowing colleagues to connect outside of the office environment. This also gives remote or primarily home-based employees the change to interact with colleagues they may not need to speak to daily.

Pricing

• Price: £1,000 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@pentestpeople.com. Tell them what format you need. It will help if you say what assistive technology you use.