NTA Monitor Ltd.

Application Security Testing

Designed to ensure that applications (e.g. public-facing transactional website, mobile application, internal CMS, cloud based solution) are securely configured, thus preventing an attacker from gaining access or a user being exposed to confidential or sensitive data, another user’s account or the back end database.

Features

• Industry recognised methodologies (e.g. OWASP, OSSTMM, PCI) employed
• CVSS and CVE references included in reports
• Summary of risks identified, ordered from high to low severity
• Technical details of each issue found
• Recommendations for closing holes found
• Screen shots and supporting evidence for risks found
• Includes retesting of critical or high risk vulnerabilities identified
• Post-delivery support and guidance included
• Secure application development training also available
• Security cleared personnel (e.g. BPSS, SC, NPPV Level 3) available

Benefits

• Identifies security vulnerabilities and configuration weaknesses
• Improves protection of business information and data assets
• Demonstrates information security best practice
• Supports accreditation (e.g. RMADS) activities
• Aligns to an Information Security Management System
• Meets PCI Data Security Standard (DSS) compliance requirements

£950 to £1,100 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gavin.simms@intertek.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

715856655253362

Contact

Gavin Simms
01634 721855
gavin.simms@intertek.com

Planning

• Planning service: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: This service allows organisations who have procured services via the Digital Marketplace, or who are using cloud hosted software, infrastructure or platforms, to gain independent analysis and information security assurance regarding the governance and controls that are in place to protect these services and systems. Such assurance is vital for cloud based services which possess specific security considerations due to their on-demand, remotely accessible and multi-tenanted attributes.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type: Security testing
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: N/a

User support

• Email or online ticketing support: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Support Levels: ; • Email (FOC); • Phone (FOC); • Onsite (chargeable at day rate); • A technical consultant would be allocated to handle any support issue if required

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • CHECK Green Light status
  • CREST member company
  • CE+ Certification Body

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  The Company is committed to providing equal opportunities in employment and to avoiding unlawful discrimination in employment or to customers.

Pricing

• Price: £950 to £1,100 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gavin.simms@intertek.com. Tell them what format you need. It will help if you say what assistive technology you use.