Brookcourt Solutions

Penetration Testing

Penetration testing provides in-depth investigation into security of web applications, mobile applications, infrastructure (external/internal); Server Build reviews, Wi-Fi, firewall assessments and connected/embedded devices (IOT /IC/SCADA). Red Teaming Assessments and Security Training workshops, delivered by experienced Security Consultants, simulate actions of a malicious threat actor, uncovering/classifying vulnerabilities used to exploit/damage businesses.

Features

• Cloud security testing: cloud solution configuration and implementation assessments
• Web application testing on functionality-dense systems of websites
• Mobile application testing: Testing of Android or IOS
• Red Teaming: Goal based, the clients specified target
• Infrastructure - External & Internal (inc Build Reviews)
• Desktop applications and reverse engineering – typically Thick Client applications
• Wireless Testing: Assessing security, segregation and access points
• IOT Testing of products using systems such as RFID/Bluetooth
• Industrial Control Systems ICS Wireless: Identify potential attack vectors
• Open Source Intelligence (OSINT) & Estate Discovery

Benefits

• Protect your digital assets: Reducing the risk of a breach
• Protect your reputation: Reducing the potential of business revenue loss
• Uncover vulnerabilities and prioritise improvement effort: Providing vital remediation advice
• Achieve buy-in for information/cyber security improvement
• Protect critical Intellectual Property: Red Teaming can protect invaluable assets
• IInternal Infrastructure testing reduces threat of Ransomware and protects reputation
• Security assurance/due diligence when buying 3rd Party software
• Security testing during development of Internal applications
• Support compliance standards and regulations such as PCI DSS ISOs
• Support compliance re GDPR: Reduce likelihood of fines

£947 to £1,555 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@brookcourtsolutions.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

528836620938781

Contact

Phil Higgins
01737 886111
contact@brookcourtsolutions.com

Planning

• Planning service: Yes
• How the planning service works: In order to ensure a successful project, Pentest will assist you to: Define the Scope of Work; Define the project plan; Define success criteria; Mitigate risk; Gain executive buy-in and define the programme governance structure; Support the remediation process; and Define the Security Target.
• Planning service works with specific services: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Each service is individually scoped by experienced consultants, who manage bespoke scopes for each engagement to ensure high quality.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security audit services
  • Other
• Other security services:
  • Red teaming
  • Digital Asset Discovery
• Certified security testers: Yes
• Security testing certifications: CREST

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by a third-party organisation
• How the support service works: Penetration Testing and Cyber Security Consultancy

Service scope

• Service constraints: None - can provide our services on-site and remotely

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times are usually in-between immediate and 24 hours. No weekend support.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Scope: We work with you to fully understand your organisation, your goals and your desired test outcomes. Proposal & Prerequisites: A proposal will be drawn up outlining the planned scope of work and the preparation needed to start testing. Testing commences. Ongoing Communication: Our Consultants will communicate with you throughout the test, to your set requirements. Reporting: A comprehensive, quality assured report of test findings will be delivered. Post-Test Support: Our Consultants will be available after the test to offer advice and guidance on any aspect of the report, as well as remediation efforts. Retest: Once you have addressed the issues outlined in the report, we will retest to ensure vulnerabilities have been remediated.

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Pentest Ltd

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BMTrada
• ISO/IEC 27001 accreditation date: May 2019
• What the ISO/IEC 27001 doesn’t cover: Nothing in our information security policies and frameworks is not included in 27001’
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO 9001 accredited by BMTrada. Initially accredited June 2019

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity

  Covid-19 recovery

  Ensuring further security measures for remote/home working across the nation.

  Tackling economic inequality

  Helping businesses with tighter/small budgets with either low charge or pro-bono pentests.

  Equal opportunity

  Encouraging more women and minorities to get into the cyber security business, with talks/secure code workshops and conference attendance.

Pricing

• Price: £947 to £1,555 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@brookcourtsolutions.com. Tell them what format you need. It will help if you say what assistive technology you use.