Pen Test Partners LLP

Regulated Red Teaming (i.e.CBEST, GBEST, TBEST,GCASE, STAR-FS,TIBER, AASE, iCAST)

Red Team operations are intelligence-led, objective-based, real-world simulations that emulate attacker tactics, techniques and procedures (TTPs) to give an organisation a holistic view of their security posture. Red Team engagements are black box and performed covertly in coordination with a small team from the target organisation

Features

• GBEST/CREST certified consultants and management
• Compliant to all GBEST Standards to target government/CPNI/etc
• Extremely experienced team having delivered numerous GBEST Assessments already
• Threat Intelligence partner
• Multiple levels of attack skill simulated
• Clear understanding of a client’s susceptibility to Advanced Persistent Threat
• True real world simulation of an attack
• GBEST and regulated red team compliant
• Bespoke red team tools used and developed by the team
• Multi phase approach: Reconnaissance, attack deliver, internal testing

Benefits

• The outcomes are real world exploitable vulnerabilities, not theoretical
• Remediation will show immediate and true value
• Security posture is immediately improved
• Security cleared Team with CSAM and other necessary certificates
• Highlighting unknown internal attack vectors increases internal awareness
• Increased understanding of internal controls and how to avoid vulnerabilities
• Reducing long term risk
• Increased confidence within the team in implementing new controls
• Best value engagement when assessing overall current risk

£1,500 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@pentestpartners.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

687450725031338

Contact

Susan Bunce
+447538520205
bidteam@pentestpartners.com

Planning

• Planning service: Yes
• How the planning service works: We will help to identify areas of cyber security weakness in the deployment of cloud environments.
• Planning service works with specific services: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Although we do not help the overall migration to cloud, our role is specific to the security of the cloud migration.
• Setup or migration service is for specific cloud services: Yes
• List of supported services:
  • Azure
  • AWS
  • Google Cloud
  • Private Cloud

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • GBEST
  • CHECK
  • CREST
  • Tigerscheme
  • Cyber Scheme

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: Each project is scoped individually, so constraints would be on a case by case basis.

User support

• Email or online ticketing support: No
• Phone support: No
• Web chat support: No
• Support levels: Our service is a consultancy based service and therefore delivered on a day rate basis with direct email contact of the consultant, account manager, customer support and an escalation route.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 24/02/2016
• What the ISO/IEC 27001 doesn’t cover: Not applicable - All services offered by PTP are covered,
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • Crest
  • GBEST
  • CHECK
  • Tigerscheme

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  PTP consider the environmental impact of our cybersecurity practices. Minimizing energy consumption, waste, and carbon footprint is integral to our approach and service delivery.

  Covid-19 recovery

  During COVID, PTP developed new ways of working such as remote service delivery options for our clients and enabled remote working for our staff.

  Tackling economic inequality

  We tackle economic inequality through Education and Awareness: We invest in educating users, employees, and the wider community about cybersecurity risks and best practices. Empowering people with knowledge enhances overall security. We actively participate in local and global cybersecurity events, workshops, and conferences. We share insights, contribute to discussions, and learn from others. : We support cybersecurity education programs, mentor students, and offer guest lectures at Universities to foster the next generation of cybersecurity professionals.; "

  Equal opportunity

  PTP supports every individual during their employment, to have an equal opportunity to make the most of their lives and talents through open and fair recruitment, progression. We encourage our employees to take a leading role in relation to their individual needs. This may be related to, career progression, development needs or a request to changes to work pattern. Our employees should feel empowered to bring such matters to the attention of their manager as soon as they are reasonably able to, to explore ways forward together.

  Wellbeing

  PTP employees are our biggest assets who deliver our services to our clients. PTP is committed to support our employees in health and wellbeing including physical and mental health through a range of regular initiatives, policies and practices which are reviewed at regular intervals.

Pricing

• Price: £1,500 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@pentestpartners.com. Tell them what format you need. It will help if you say what assistive technology you use.