Maintel Europe Limited

Security Assurance Services

We provide CREST approved penetration testing across cloud, web applications and infrastructure. Our point-in-time simulated attack provides insight and assurance to the identified assets. We replicate common and sophisticated tactics, techniques and procedures (TTPs) used by real threat actors, attempting to exploit vulnerabilities. All tests are evidenced with remediation activities.

Features

• UK-based, security cleared (SC) penetration testers.
• CREST, CRT, CCT INF and CCT APP penetration testers.
• IT health check across physical and cloud infrastructure.
• Identify exploitable security weaknesses targeted by cyber attackers.
• Vulnerability assessment of public facing systems and networks.
• Ad-hoc or routine penetration testing services.
• External Infrastructure Testing & Internal Infrastructure Testing.
• Network Device Configuration Review, Build Review Testing.
• Spear Phishing Campaign, Mobile Application Testing, Cloud Configuration Review.
• Web Application Penetration Test (OWASP), Physical Access Testing.

Benefits

• Evidence based test reports supported by remediation activities
• Adherence with CREST penetration testing standards and practices.
• Support compliance with GDPR, ISO 27001, PCI DSS.
• Increased quality assurance through regular penetration testing.
• Actionable and strategic recommendations to support business security.
• Highly experienced UK-based penetration testing consultants with Security Clearance (SC).
• Prevent intrusion and exploitation of business critical assets.
• Evidence to support prioritisation of business risk.
• Provides assurance on new or existing IT assets.
• Increased service up-time through proactive prevention and detection.

£950.00 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@maintel.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

619993383212380

Contact

Hannah Cook
07730521482
bids@maintel.co.uk

Planning

• Planning service: Yes
• How the planning service works: We work with clients to ensure penetration tests are planned in accordance with their needs and their environment. During the initial stages of communication, we will share a scoping questionnaire that allows our testers to understand the intended target requirements and complexity of the customers environment.; A proposal penetration test will be supplied, highlighting the penetration tests we believe to be the most viable for the customers’ requirements, as well as a set amount of days to conduct the test against. These days are based on the size and complexity of the chosen target to be tested against and will be tailored to the customers individual needs.
• Planning service works with specific services: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Penetration testing and other vulnerability assessments are a key part of establishing security awareness, robustness and resilience for organisations. ; Whilst our penetration tests do not directly replace quality assurance or performance testing, they can complement these efforts by uncovering security-related defects or weaknesses. Uncovering these weak points allows the organisation to fortify their security, further improving their quality assurance and performance testing as an indirect result of penetration testing results.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • Threat and Risk Assessment
  • Internal & External Infrastructure Testing
  • Web Application Testing
  • Build Review & IT Health Check
• Certified security testers: Yes
• Security testing certifications: Other
• Other security testing certifications: Security testing provided via a CREST certified subcontractor

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by your organisation
  • Hosting or software provided by a third-party organisation
• How the support service works: We will provide the necessary ongoing cyber security support service to meet your requirements based on the demands of your programme and the service you need. Specific support levels are agreed for each engagement. A dedicated named specialist is assigned as a single point of contact for each engagement.

Service scope

• Service constraints: Activities required for the service will be conducted during UK business hours of 09:00 - 17:00. ; Customer employee time will be required for workshops and assessment activities, as well as access to the firewalls in question for our specialists to conduct their assessment.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support throughout the assessment will be provided by one of our penetration tester, during UK business hours of 09:00 - 17:00. ; Any questions or support in line with this service will also be conducted within these business hours. They aim to get back instantly to any service related questions throughout the lifetime of the engagement.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Support services are assumed to be provided during core UK business hours 09:00 - 17:00, Monday to Friday. Our penetration tester will respond immediately to any commercial or service questions within this timeframe.Should there be the requirement for these support levels to be expanded, this can be discussed and finalised on a case-by-case basis.; The assigned penetration tester will act as the single point of contact throughout the engagement. An Account Manager will also be assigned to help manage the ongoing success of the customers relationship and support with any administrative requirements.

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: RelianceCyber

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Externally assessed and certified by British Assessment Bureau
• ISO/IEC 27001 accreditation date: 18/03/2022
• What the ISO/IEC 27001 doesn’t cover: Supplier's ISO27001:2017 certificate covers the whole business.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Audited and certified by a QSA from IT Governance
• PCI DSS accreditation date: 02/06/2023
• What the PCI DSS doesn’t cover: Not applicable to tis service
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Maintel Environmental, Social and Governance strategies enable us to work with customers to improve local, national, and international environments. For example, for every 500 cloud seats enabled through Maintel, we plant 25 trees at no cost to our customers. Planting trees has been identified as assisting movement towards target achievement in multiple UN Sustainable Development Goals. The trees are young when planted and will not sequester carbon for some years. The planting, particularly outside of the UK, enables jobs to be created to plant and maintain trees, environments are improved, including life in water where mangrove planting takes place. We also plant in the UK through not-for-profit organisations that ensure appropriate areas are rewilded and create a better space for local communities to use and for wildlife to flourish.; ; Maintel are willing to work with our customers to improve local environments as part of our employee volunteer scheme. To ensure we carry out activities in areas that require more greenery or local improvement. For example, litter picking, local amenity land clearance or planting to enhance a local area.; ; By moving to cloud and managed services with Maintel, customers work with us to reduce their direct emissions and enable progress towards nett zero.; ; Working closely with our suppliers, Maintel is transparent about our journey and commitment towards nett zero and publicly provides information about our targets and progress through ESG at Maintel website. We can identify and provide direct emissions savings through the use of technology and ensure replaced equipment is treated within our reuse and recycle environment with an aim of zero to landfill. We monitor our suppliers regularly and risk assess their journey to net zero with dedicated resource to assist in implementing improvements.

  Covid-19 recovery

  Maintel assists in the Covid 19 recovery in a number of ways. ; ; By supporting local communities with the provision of a contract aligned Social Value tech fund, which can be utilised for customer identified projects. For example, providing devices and broadband to underprivileged young people to assist them with their education and access to the world of work, or to a local small business that is identified as needing assistance to change the way in which they work.; ; Our employee volunteer scheme provides support for physical and mental health of people. By working with us to identify how we can assist your local organisations to provide support to the wider community, we become involved in the creation of jobs.; ; We are willing to share all vacancies with our customers, including apprenticeships and identify any appropriate candidates to fill a vacant or new permanent or temporary positions.

  Tackling economic inequality

  Maintel works closely with customers and suppliers to provide support for tackling economic inequalities. With the provision of contracts aligned to a Social Value tech fund, which can be utilised for customer identified projects. For example, providing devices and broadband to underprivileged young people, to assist them with their education and access to the world of work. Or to a local small business that is identified as needing assistance to change the way in which they work.; ; We are willing to share all vacancies with our customers, including apprenticeships, and identify an appropriate local candidate to fill a vacant or new permanent or temporary position.; ; Training opportunities, particularly for those that face barriers to employment or from deprived areas are offered through our employee volunteer scheme. This provides support for people by working with our contracts to identify how we can assist your local organisations. To provide support to the wider community we become involved in the creation of jobs including mentoring, 1-21 training, group sessions, work experience and when available, apprenticeships offered to locally identified residents.; ; Maintel actively promotes the use of start-ups and SME’s and uses their provisions wherever possible. For example, appropriate to our contracts and offices including supporting local businesses by gifting apprenticeship levy to those businesses looking to employ or promote existing employees, and ensure they have access to substantial training.

  Equal opportunity

  Maintel is an equal opportunities employer and makes appropriate adjustments to ensure we have a full and diverse range of employees connected to the contract.; ; Our learning management and development plans ensure all employees have access to appropriate training and qualification. This includes apprenticeships to support in-work progression, particularly those from disadvantaged or minority groups, to move into higher paid work by developing skills relevant to our contracts.; ; Maintel supplier management expects all critical suppliers to meet at least Maintel required standards of employee caring and adherence to relevant regulations including modern slavery.; ; As part of our equal opportunities scheme we have set targets. These include; 40% of all employees being female by 2030 (we’re currently at 33%), focussing on increasing the number of women hired into technical roles and reducing and maintaining the gender pay gap. We’re also aiming to ensure women are better represented in leadership roles, with 40% of senior management to be women by the end of 2025, and a minimum of one female member on the board. ; ; We expect and set up contractual arrangements with our suppliers to ensure, not only adherence to relevant regulations such as Modern Slavery Act, but to work with them to ensure they meet at least Maintel standards. We centrally manage the new and existing suppliers, ensuring full due diligence and risk assessment are regularly undertaken, and working with suppliers to identify and implement improvements. Our zero-tolerance stance to Modern Slavery is supported by our policies on anti-bribery and corruption and whistleblowing.

  Wellbeing

  Maintel has a wide reaching, multi-dimensional employee well-being package in place. We understand that our people are our most valuable assets, and are therefore passionate and committed to providing support and compassion at all times. We are certified to ISO45001 – Health and Safety and have representatives at each site, our First Aiders and Facilities team. We offer all employees a range of benefits to support health and wellbeing including; discounted gym memberships, enhanced sick pay, 24x7 private virtual GP, an employee assistance line to help employees with their mental health, various health assessments, health care cash plans and more.; ; Maintel is adamant it will be there to support all employees working on the contract whatever life throws at them. We have introduced a trained network of employee Wellbeing Ambassadors, there to assist individuals, and also provide all employees with great wellbeing information throughout the year.; ; In addition, one of Maintel’s core values is to be agile and flexible, and so we encourage employees to take advantage of their flexible working and hybrid working benefits, while maintaining excellent customer service. This helps to alleviate any pressure and stress for employees and promotes a healthy, sustainable work-life balance.; ; Our volunteer policy enables all employees to participate in volunteering activities arranged by Maintel, with local communities, but also to access paid time to actively participate in volunteering activities that are important to them directly.; ; Working with our customers, we agree where we can help the most, and set up appropriate schemes to participate in improvement of local communities using our volunteering scheme as the basis for providing environmental and social support in our local communities.

Pricing

• Price: £950.00 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@maintel.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.