D2NA (D2 Network Associates Ltd)

Penetration Testing

D2NA's CREST-accredited penetration testing provides a comprehensive review of your organisation’s information security posture and defences.

Using a robust and proven methodology accredited by CREST, our highly trained pen testers perform an ethical attack simulation which aims to discover areas of concern in your infrastructure, procedures, policies and people.

Features

• CREST Accredited Penetration Testing
• Highly trained and experienced Penetration Testers
• Infrastructure Penetration Testing
• Wireless Penetration Testing
• Web Application Penetration Testing
• Tailored Black Hat or White Hat approaches
• Scoping and follow up advice meetings included

Benefits

• Improve your organisation’s security stance
• Reduce risk of attack, data loss and service disruption
• Meet regulatory compliance needs such as PCI, ISO and GDPR
• Demonstrate a high degree of due care to your stakeholders
• Improve ROI from existing security investments
• Provides detailed view of your organisation’s security posture
• Provides thorough, impartial remediation advice

£1,000 to £20,000 a transaction

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@d2na.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

344290381966731

Contact

Graham Doyle
0330 59 59 69
info@d2na.com

Planning

• Planning service: Yes
• How the planning service works: Every Penetration Test is tailored. We start every engagement with a scoping meeting to determine what you want, where to focus and the approach that will be used. This can range from Black Box, to Grey Box or White Box. We will also agree the scope of equipment to be tested, the purpose of testing, the simulated attack scenario and testing methodology in detail.
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: Testing (e.g. Phishing testing), training and compliance related services to ensure your staff are educated and aware of current threats.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • Cyber Essentials and Cyber Essentials Plus
  • Managed Detection and Response Services
  • Vulnerability Assessments
• Certified security testers: Yes
• Security testing certifications: CREST

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: Every penetration test is tailored and there may be various constraints imposed by the agreed Scope of Work, following the scoping meeting at the planning stage. One example is the extent to which a discovered vulnerability may be exploited if to do so would cause operational disruption during the test.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Standard service provides a 1-hour response Monday-Friday 7am - 7pm excluding public holidays.; ; With a 24x7 service uplift available to extend support to 24x7 with the inhouse team for organisations requiring it.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Support levels: You will be fully supported and guided throughout the process. D2NA’s Penetration Testers will only communicate with employees, external agencies and organisations who are authorised by the customer and are directly involved in this assessment. Any unauthorised or unplanned communication will be reverted to D2NA’s Account Management team, who will gladly assist with all enquires.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Peers Quality Assurance Limited
• ISO/IEC 27001 accreditation date: 30/06/2023
• What the ISO/IEC 27001 doesn’t cover: None
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • CREST-accredited Service Supplier
  • Cyber Essentials Certification Body

Social Value

• Social Value:

  Social Value

  • Equal opportunity
  • Wellbeing

  Equal opportunity

  We are proud to employ a diverse workforce and support in-work progression to help our employees, including those from ; disadvantaged or minority groups, to move into higher paid work by ; developing new skills and earning qualifications. We believe a diverse workforce creates a stronger team, with individuals having their own opinions and world views creating a dynamic and thought-provoking approach to work.

  Wellbeing

  Our team's wellbeing is our priority and through regular 1-to-1's, team workshops and access to physical and remote support services, we ensure our employees are able to access the support they need. We also operate strict policies which prevent our employees from "burn-out".

Pricing

• Price: £1,000 to £20,000 a transaction
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@d2na.com. Tell them what format you need. It will help if you say what assistive technology you use.