RAZOR THORN SECURITY LTD

PCI DSS Penetration Testing

Razorthorn provides a CREST accredited penetration testing service that ensures robust cybersecurity by identifying vulnerabilities in your systems. Razorthorn meticulously assess networks, applications, and devices to pre-emptively safeguard against cyber threats. Our PCI DSS penetration testers follow industry best practice and methodologies, we deliver comprehensive reports with remediations.

https://www.razorthorn.com/cyber-security-testing/penetration-testing-service/.

Features

• PCI penetration testing which includes Web, Internal/External infrastructure, Network Segmentation.
• VPN / Remote Access Penetration Test.
• Comprehensive vulnerability assessment.
• Advanced penetration testing techniques.
• Simulated real-world attacks.
• Detailed reporting with recommended remediation.
• Compliance assurance.
• Customised testing scenarios.
• Experienced penetration testers.

Benefits

• Compliance with PCI DSS and contractual obligations.
• Methodology based on OWASP, PTES, MASTG, CREST, PCI DSS.
• CREST accredited pen testers with over 10 years’ experience.
• Identify and patch vulnerabilities before they can be exploited.
• Reduce the likelihood of costly data breaches and downtime.
• Thorough examination of networks, applications, and devices for potential vulnerabilities.
• Employing premium tools and methods for thorough analysis and assessment.
• Delivering concise reports with prioritised steps for effective remediation.
• Cost effective penetration testing solutions.

£850 to £1,150 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sophia.durham@razorthorn.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

369292842161722

Contact

Sophia Durham
+447470334993
sophia.durham@razorthorn.com

Planning

• Planning service: Yes
• How the planning service works: At Razorthorn, we offer detailed scoping documents to outline client requests. Following this, we conduct scoping calls with clients to discuss requirements, parameters, and desired outcomes, ensuring alignment with their needs.
• Planning service works with specific services: Yes
• Hosting or software services the planning service works with:
  • Consultancy
  • Testing Services

Training

• Training service provided: Yes
• How the training service works: Our training options span from sharing knowledge during professional service implementations to conducting thorough classroom training sessions. We offer tailored training and awareness programs for staff responsible for cybersecurity and compliance duties, along with general security awareness training for all employee's.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: While we don't handle the entire cloud migration process, our focus lies specifically on ensuring the security of your cloud migration.
• Setup or migration service is for specific cloud services: Yes
• List of supported services:
  • Azure
  • Amazon Web services (AWS)
  • Microsoft 365 (M365)
  • Google Workspace
  • Private Cloud
  • Consultancy Services
  • Specific Software

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Razorthorn offers a comprehensive quality assurance and performance testing service that can be seamlessly integrated into your full lifecycle program or as a standalone service. We take a tailored approach to meet all specific requirements for each engagement. We will also make sure you have a dedicated specialist that will be assigned as your single point of contact, ensuring clear communication and personalised attention throughout the process.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • CREST Penetration Testing
  • PCI DSS Consultancy Services
  • ISO 27001 Consultancy Services
  • Cyber Essentials/Plus Services
  • Data Protection Officer as a Service
  • Red Teaming
  • Incident Response Testing
  • 3rd Party Reviews
  • Cyber Security Reviews
  • AI Consultancy
• Certified security testers: Yes
• Security testing certifications:
  • CREST
  • Other
• Other security testing certifications:
  • PCI DSS Consultancy Services
  • ISO 27001 LA
  • CISM
  • CISSP
  • GIAC penetration tester / web application tester
  • Exploit researcher and advanced penetration tester
  • Offensive security certified professional
  • Offensive security wireless professional
  • Offensive security certified expert
  • Certified ethical hacker

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by your organisation
  • Hosting or software provided by a third-party organisation
• How the support service works: Razorthorn offers cybersecurity support services throughout the contract duration, customising our offerings to align with the demands of your program and the services you require. We establish specific support levels for each engagement, with a dedicated specialist assigned as your primary point of contact for seamless communication and assistance.

Service scope

• Service constraints: No.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We're operational from 9 AM to 5 PM (UK time) on weekdays, Monday through Friday via email. At minimum, we commit to responding within one working day for any standard queries and within one hour for critical queries. For out-of-hours services, we ensure to deliver support equivalent to the level provided during regular hours.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Razorthorn operates from multiple locations across the UK and provides a standard 9-to-5 Monday through Friday phone support line and a 24-hour incident support hotline. ; ; Razorthorn Security assigns a dedicated Project Manager and Customer Success Manager to collaborate closely with each organisation, ensuring seamless execution of all projects.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 13/10/2022
• What the ISO/IEC 27001 doesn’t cover: All requirements of the ISO27001 certification is covered across all of our UK sites, services and personnel.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: PCI DSS SSC
• PCI DSS accreditation date: 01/12/2023
• What the PCI DSS doesn’t cover: All requirements of the PCI DSS QSA certification are covered across Europe.
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: CREST

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Razorthorn is dedicated to combating climate change and has set a bold target of achieving Net Zero emissions by 2025. To fulfil this commitment, we prioritise tangible reductions in emissions through collaborative efforts with key suppliers and empowering our team to make climate-conscious travel decisions.; ; As a socially responsible business, Razorthorn upholds the highest standards of ethics and professionalism. Our efforts fall into two main categories: compliance and proactiveness. Compliance entails adhering to legal obligations and community values, while proactiveness involves initiatives to promote human rights, support communities, and safeguard the environment.; In addition to meeting legal requirements, we actively engage in environmental protection initiatives such as recycling, energy conservation, and adoption of eco-friendly technologies. We are in the process of aligning our operations with ISO 14001 standards for Environmental Management to continually improve our environmental performance.; Razorthorn is committed to delivering further environmental benefits, including striving towards net zero greenhouse gas emissions, as part of our ongoing contract performance.

  Covid-19 recovery

  Razorthorn's mission is to enhance workplace conditions for COVID-19 recovery, emphasising social distancing, remote work, and sustainable travel. Our G Cloud 14 services aid organisations in managing and rebounding from COVID-19 impacts, promoting remote service delivery to mitigate transmission risks. We support remote work and enforce social distancing in offices, with travel following the most recent COVID-19 guidelines.

  Tackling economic inequality

  Razorthorn actively tackles economic inequality by strengthening supply chains and managing cyber security risks in contracts. We promote innovation in supply chains for cost-effective, high-quality goods. Our social responsibility drives us to support local charities, nurture future security professionals, and address regional inequality through inclusive recruitment and skill development initiatives.

  Equal opportunity

  Razorthorn is dedicated to detecting, managing, and mitigating modern slavery risks within contract delivery and supply chains. We actively combat employment, skills, and pay disparities within our workforce. Our firm adheres to rigorous 'Equal Opportunity' and 'Equality and Diversity' policies, ensuring fair treatment across all engagements.

  Wellbeing

  Razorthorn is deeply committed to safeguarding and promoting the physical and mental health and well-being of our workforce. Our support begins with the initial recruitment process and extends throughout every working day within the organisation. For team members facing challenges such as disabilities, mental health conditions, or caring responsibilities, we have an established network that offers a supportive environment to connect with peers, seek advice, and share experiences.

Pricing

• Price: £850 to £1,150 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sophia.durham@razorthorn.com. Tell them what format you need. It will help if you say what assistive technology you use.