Skip to main content

Help us improve the Digital Marketplace - send your feedback

Netcraft

Browser Extensions for Cybercrime Protection

Netcraft has extensive experience in validating large data streams to identify malicious URLs including phishing, malware, shopping site skimming attacks, and non-consensual cryptocurrency mining. Netcraft can provide a browser extension for Government employees to use for Chrome, Firefox, Opera and Edge to protect against these threats.

Features

  • Protects employees against phishing
  • Protects employees against web-based malware
  • Extensions for Chrome, Opera, Edge and Firefox
  • Enhance built in browser protection

Benefits

  • Works in the browser with limited installation requirements
  • Design of extension can be customised if required
  • License covers whole organisation
  • Threat types can be customised

Pricing

£90,000 an instance a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rad@netcraft.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

2 9 3 2 9 6 3 2 8 6 1 9 7 7 6

Contact

Netcraft Robert Duncan
Telephone: 01225 447500
Email: rad@netcraft.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
All modern web browsers supported.
System requirements
Web Browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
Support is provided by email and phone
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Support is provided by electronic mail and telephone.
Support available to third parties
No

Onboarding and offboarding

Getting started
We provide online documentation, and also can provide a video call demonstration of the extensions
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
N/A
End-of-contract process
N/A

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Yes
Compatible operating systems
  • Linux or Unix
  • MacOS
  • Windows
Designed for use on mobile devices
No
Service interface
No
User support accessibility
None or don’t know
API
No
Customisation available
Yes
Description of customisation
Buyers can decide what threat types they would like included in their feed.

Scaling

Independence of resources
We scale our applications to account for load placed by all customers.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
Less than once a year
Penetration testing approach
In-house
Protecting data at rest
Other
Other data at rest protection approach
We physically secure access to our data centre and backup media.
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
N/A
Data export formats
Other
Other data export formats
N/A
Data import formats
Other
Other data import formats
Not Applicable

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
If the Service is unavailable continuously for 3 (three) days or unavailable for an aggregate of 120 (one hundred and twenty) hours within the Subscription Period the customer may terminate the Service and receive a pro-rata refund for the unused period.
Approach to resilience
Available on request
Outage reporting
Email alerts

Identity and authentication

User authentication needed
No
Access restrictions in management interfaces and support channels
User Account Authentication, Multi Factor Authentication, IP ACLs
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Risk based approach.
Information security policies and processes
Defined in our internal Policies and Procedures document

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We have an internal change management process
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Netcraft is a PCI approved scanning provider, and tests its own infrastructure. Patches are applied as appropriate.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Netcraft has a Security Incident Detection and Remediation programme.
Incident management type
Supplier-defined controls
Incident management approach
We have an internal policy for handing incidents.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

Tackling economic inequality

Tackling economic inequality

Tackling economic inequality

Netcraft recognises the problem of economic inequality, and where it is possible and reasonable seeks to address it through 1) the creation of new jobs and skills and 2) by increasing its supply chain resilience and capacity:

Netcraft is proud of the employment opportunities it creates and the training it provide its employees to address the skills-gaps in the cybersecurity sector.

As an equal opportunities employer, the employment opportunities Netcraft creates are open to those who historically have faced barriers to employment, or come from deprived areas.

Netcraft supports innovation throughout their supply chain such that they can deliver higher quality goods and services.

Netcraft conducts all its business in an honest and ethical manner, and are committed to acting professionally, fairly and with integrity in all their business dealings and relationships.

Netcraft takes action to identify and manage any cyber risks that arise in the delivery of the services it provides.

Pricing

Price
£90,000 an instance a year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
We can offer a 14 day trial of the service.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rad@netcraft.com. Tell them what format you need. It will help if you say what assistive technology you use.