SECARMA GROUP LIMITED

Penetration Testing Services

Our portfolio of Penetration Testing services has been designed to help organisations identify and prioritise risks to their critical assets.

For all vulnerabilities discovered, our customers benefit from clear explanations of the likelihood of compromise and the possible impact of a malicious attack including actionable remediation steps for all findings.

Features

• External and Internal Infrastructure testing
• Web & Mobile Application and API Testing
• Cloud Infrastructure Testing and Active Directory Configuration Reviews
• VPN/Remote Desktop Breakout Services
• Firewall Ruleset and Configuration Review
• Wireless Security Assessments and Build Reviews
• Workstation & Server Build Review
• Source Code Review and Code Assisted Penetration Testing
• Open-Source Intelligence Gathering (OSINT)
• Objective Led Testing Scenarios

Benefits

• Testing delivered by experienced and qualified UK based security consultants
• CREST approved supplier for Penetration Testing services
• Reporting options for technical, non-technical staff and customer facing
• Comprehensive CREST approved methodologies allow repeatable and accurate testing
• Competitive daily rates
• Bespoke testing and reporting solutions to meet your requirements
• Comply with compliance standards such as PCI, PSN ITHC, ISO27001
• Comprehensive aftercare solutions including de-brief meetings, re-testing and consultancy
• Rigorous quality assurance and review process
• Every project has a designated technical contact and project manager

£900 to £1,200 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at actnow@secarma.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

318813286815479

Contact

Megan Evans
0161 513 0960
actnow@secarma.com

Planning

• Planning service: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • CREST
  • Tigerscheme
  • Other
• Other security testing certifications:
  • OSCE
  • OSCP
  • OSWE
  • OSWP
  • CRTO
  • CRTL

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: Secarma's standard UK operating hours are 9:00am - 5:30pm. Out of hours testing is available for customers where required but will incur additional charges depending on the timeframe that testing is required.

User support

• Email or online ticketing support: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Secarma provides comprehensive support during the full service delivery process for all Penetration Testing services. From pre-test scoping assistance (such as helping the organisation to define the agreed scope and objectives) through to providing guidance on on how to interpret and benchmark the provided results and recommendations. Support services outside of the proposed engagement are priced based upon the technical resource it requires and is calculated based upon the subject matter experts associated daily rate for penetration testing. All engagements are assigned a dedicated senior penetration tester and account manager for aiding with project management, commercial negotiations and resource scheduling.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 23/04/2022
• What the ISO/IEC 27001 doesn’t cover: Nothing- all Secarma portfolio services are covered within the scope of held ISO27001 certification
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  During the delivery of any customer contracts, Secarma are always looking for ways to reduce our carbon footprint. Our management team have approved our commitment to halve our overall carbon emissions by 2030.; ; To support this, we have developed processes to allow for remote delivery of the majority of our testing and audit services which has drastically reduced our carbon footprint through the reduce need for consultants to travel to site. Unless expressly requested by a customer during delivery of our contractual services. Secarma will always look to deliver engagements remotely to minimise our carbon footprint and impact.; ; Outside of this we have implented the following processes to improve our commitment to help fight climate change:; ; We separate our waste to reduce the amount sent to landfill.; We promote a paperless office approach but use 100% recycled paper where necessary.; We are committed to reducing our environmental impact by using collaborative tools to reduce travel needs.; Our ‘Cycle to Work’ scheme provides vouchers to encourage better ways to travel to the office.; We encourage the use of public transport and car sharing and have schemes in place. Travel card loans are available to encourage use of public transport.; Staff members have access to our Electric Vehicle leasing scheme with Octopus.; We promote a high level of recycling activities and encourage our staff to reduce single use plastic.

  Covid-19 recovery

  During COVID-19 Secarma transitioned to a remote working model immediately with our employees having the immediate ability to work from home as they had personal work laptops and mobile phones. We have also invested in remote working and webinar tools such as Microsoft Teams which enables us to communicate and collaborate effectively internally and with customers whilst working from home and reduces the need to travel for onsite meetings. This resulted in a efficient period of transition and supported our teams to continue delivering services without customer impact to the same high standard.; ; On any contracted service Secarma will endeavour to support organisations and businesses to manage and recover from the impacts of COVID-19, including the remote delivery of services where appropriate to limit the risk of COVID-19 transmission and any financial costs for our customer such as expenses.

  Tackling economic inequality

  Throughout Secarma’s growth and expansion, we as a business have created new jobs and developed skills to tackle economic equality and through our security assurance and consultancy offerings. Help our customers to identify gaps within their information security teams which could be filled via recruitment activities or staff training and development.; ; Secarma have tackled this challenge by rethinking our corporate social responsibility and recruitment policies and requirements. Allowing us to explore conversations with candidates who have been unsuccessful or unlucky in previous recruitment opportunities, designed collaborative initiatives with universities and school leavers, implement more flexible hybrid working policies, put a greater emphasis on investment in skills and career development for internal staff members and ensuring all staff members earn a living wage.; ; By doing this we also add value to our customer engagements by reviewing risks within their own supply chains which may not have been considered such as legacy, unauthorised or vetted subcontractors or suppliers, excessive working hours that could lead to a disgruntled employee becoming an insider threat, deviations from social media or branding best practices that could lead to potential defamation risks alongside many others.

  Equal opportunity

  Secarma have defined ‘Equal Opportunity’ and ‘Equality and Diversity’ policies in line with our ISO policies and management systems. Which outline our commitment to providing equal opportunities to all employees. These are taken into consideration across the delivery of all customer engagements within the scope of a proposed customer contract and when looking to recruit new staff members or explore career progression opportunities for staff members.

  Wellbeing

  To ensure Secarma staff are happy, healthy and feel like they have a safe environment they can succeed and excel in even when non office based and working remotely. ; ; We set ourselves the aim of creating an open door culture that promoted openness to remove stigma around mental health concerns and honesty on tackling mental and physical health challenges. We implemented several mental and physical wellbeing initiatives that are available to all staff members. These include:; Dedicated Mental Health First Aiders- Our MHFA team members play a key role in supporting colleagues across the company.; External access to trained specialist counsellors where required; AXA Doctor at Hand - providing a private online GP service, available 24x7 for all staff members.; Access to AXA Private Medical Insurance; Quarterly Team Building Events, Socials and our Annual Snowdon Hiking Trip and Skills School; Saved links to commonly used external support and mental health services - including Samaritans, Mind, CALM, Anxiety UK, Mind Out and several smaller community charities.; ; Additionally, all members of the Secarma Leadership and Management Team have an Open Door Policy and are available if employees need someone to talk to without having to go through their line manager.

Pricing

• Price: £900 to £1,200 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at actnow@secarma.com. Tell them what format you need. It will help if you say what assistive technology you use.