AXIS PENTEST LTD

Web Application Penetration Testing

Let our certified specialists remotely probe and penetrate your external networks. Our highly manual service aims to identify vulnerable Internet services and components which may be remotely exploited to extract information or mount further attacks while operating within your networks.

Features

• Manual testing approach supplemented by automated tools and custom scripts
• Guided by OWASP framework and encompassing the OWASP Top 10
• Testing from an authenticated and un-authenticated perspective
• Creation of custom testing scripts where required
• Source code assisted web application security reviews
• Tailored engagements and a manual assessment approach
• communication with the consultant during the engagement
• Daily debriefs and communication by phone, email or instant message
• Spot re-testing free for all critical vulnerabilities

Benefits

• Identify SQL injection and Cross-Site Scripting attacks
• Identify information leakages
• Harden web application to make it more resistant to probing
• Exploits and proof-of-concept code included in technical report
• Identify authentication bypasses and privilege escalations
• Detailed and clear report with remediation advice and debrief
• Independence assurance of security controls across platforms +
• Accurate detection to reduce the risk of compromises
• Competitive day rates
• Post engagement retesting and support

£850 to £850 a unit a day

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tirath.rai@axispentest.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

679726265996386

Contact

Tirath Rai
020 8133 9999
tirath.rai@axispentest.com

Planning

• Planning service: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security audit services
• Certified security testers: No

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: N/A

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The dedicated penetration testing consultant assigned to the engagement and be able to answer queries within a matter of hours.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: During the engagement window support is included and handled directly by the assigned consultant(s).; By special arrangement a 24/7 emergency phone line can be employed where the engagement necessitates this feature

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: CREST CRT

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  We aim to be an equal opportunity employer and service provide and we are determined to ensure that no applicant or employee receives less favourable treatment on the grounds of gender, age, disability, religion, belief, sexual orientation, marital status, or race, or is disadvantaged by conditions or requirements which cannot be shown to be justifiable.; We will take steps within our power, and within the resources which can generally be made available from time to time, to meet this responsibility. In particular:; • Job advertisements will include a general declaration to the effect that we aim to be an equal opportunities employer;; • Records will be maintained as a means of monitoring our policy and as a means of identifying possible areas of inequality;; • The operation of the policy will be regularly reviewed;; • Selection, recruitment, training and promotion practices and procedures will be reviewed to ensure that individuals are treated on the basis of their relevant merits and abilities;; • All employees in our service will be made fully aware of their responsibilities towards the promotion of this policy and provided with suitable training;; • All procedural documents (for example: grievance, discipline) will be reviewed to ensure compliance with the spirit and intention of the policy.; We will consult with the recognised unions on equal opportunities and they, in their turn, will encourage their membership to operate within the guidelines represented by this policy, and will actively co-operate in all measures to ensure compliance with this policy.

Pricing

• Price: £850 to £850 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tirath.rai@axispentest.com. Tell them what format you need. It will help if you say what assistive technology you use.