Stone Technologies Limited trading as Converge Technology Solutions

Stone Penetration Testing

Good security practice involves regular testing of your IT infrastructure for vulnerabilities and exploitable weaknesses. Penetration Testing, also referred to as Pen Testing or ethical hacking, is an authorised attack on a network, web/mobile application, or a Wi-Fi network to find security vulnerabilities that an attacker could exploit.

Features

• Finds weaknesses and vulnerabilities that can be fixed before exploitation.
• Validates effectiveness of existing security measures.
• Demonstrates due diligence and compliance with regulations.
• Raises security awareness for IT teams.
• Provides reports, data and recommendations to strengthen defences.
• Ad-hoc and scheduled routine pen test services
• External vulnerability scanning services.

Benefits

• Accurate and informed risk-based decision making.
• Specialists with deep industry expertise.
• Allows effective management of Data Breaches and IT Security Incidents
• Recognised industry standards and certifications - CREST / CHECK.
• Realise and reduce your attack vectors and surface
• Reduces business risk

£850 to £1,450 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@stonecomputers.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

843129181321155

Contact

Antony Mellor
08448 22 11 22
tenders@stonecomputers.co.uk

Planning

• Planning service: Yes
• How the planning service works: Stone Penetration Testing Service covers covers all required elements of the Penetration Testing service, which involves the following stages:; 1) Scoping – Determining the specific systems, applications, and boundaries for the penetration test.; ; 2) Reconnaissance – Collecting and analysing publicly available information about your systems to identify potential weak points and entryways.; ; 3) Assessment - Performing a systematic and thorough examination of your systems to identify and exploit potential vulnerabilities.; ; 4) Reporting - Creating a comprehensive report that outlines the discovered vulnerabilities, their potential impact, and suggests possible mitigations.; ; 5) Presentation - Delivering a detailed explanation of our findings to stakeholders, with a focus on understanding and improving your security posture.; ; 6) Remediation - Providing guidance and support on how to best address the vulnerabilities discovered during the Penetration Test, reducing risk and enhancing security.
• Planning service works with specific services: Yes
• Hosting or software services the planning service works with: Penetration Testing

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: Will advise ay point of engagement and understanding of buyers specific environment

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: During the penetration test, the client will be provided with a direct live chat with the lead penetration tester who will be able to answer any questions.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: The lead penetration tester will be available throughout the duration of the test via email or phone support.; ; Standard support is available 09:00 - 17:00 Monday to Friday via ticketing, email or phone for any additional queries.

Resellers

• Supplier type: Reseller (no extras)
• Organisation whose services are being resold: Nellcote

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NQA
• ISO/IEC 27001 accreditation date: 11/05/2019
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: SecurityMETRICS
• PCI DSS accreditation date: 07/03/2019
• What the PCI DSS doesn’t cover: N/A
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity

  Fighting climate change

  Effective stewardship of the environment.; At Stone, nothing goes to waste. We are committed to protecting our planet and reducing the impact the IT industry has on the environment. We deliver this by:; ; • Stone’s zero to landfill pledge. Certification in-line with the Defra waste hierarchy and audited by Valpak, Stone delivers the assurance of external audit to the zero to landfill pledge, ensuring redundant IT equipment is never needlessly treated as waste.; • One of the best tools to limit temperatures from rising above 1.5o is tree planting. Stone plants a tree for every £1,000 worth of boost points collected, with 500 trees planted since 2020 in partnership with the National Forest. Most recently, Stone has partnered with Ecologi, to plants tree in areas where they will make the most impact.; • The multi-award-winning Stone 360 app encourages technology users to reduce carbon footprints by responsibly recycling redundant technology whilst earning rebates. Rebates can be used as:; o Cash rebates; o Charity donations to any charity; o Donations to Stone charities; o Boosting the value of the rebate by 20% when spend on Stone products or services.; • Once devices are sanitised of data and refurbished, they are made available to communities at highly competitive pricing. This reduces the carbon footprint for schools, charities, and social enterprises whilst supporting IT supply chain challenges. Stone also makes charitable donations of refurbished technology. Through the IT Schools Africa programme, Stone has donated almost 4,000 devices to help bridge the digital divide, and support global circular IT provision.; • Alignment to the United Nations Sustainable Development Goal (SDG) 12 - responsible consumption and production. Stone is committed to the efficient use of natural resources, using sustainable options and by setting a series of policy-aligned internal goals and measurables to track progress.

  Equal opportunity

  Stone understands the value of ensuring good representation of disabled people in the workforce, and in skills development both within the workforce and that of the community it serves. The following represents two examples of value from the services Stone delivers:; • Increasing representation of disabled people in the workforce: As a Disability Confident employer, Stone commits to recruit, retain, and develop disabled people to serve your organisation. Contracting a supplier displaying the Disability Confident badge will also show disabled people that you recognise their value, supporting you in recruiting and retaining disabled people. Stone commits to providing:; o Inclusive and accessible recruitment; o Accessible communication of vacancies; o Interviews to disabled people; o Reasonable workplace adjustments; o Support for existing employees; ; • Supporting families of disabled or seriously ill children to have the same opportunities, as other families: By selecting Stone you will directly contribute towards a 12-year partnership with the Family Fund. Family Fund is the UK’s largest charity providing grants for families raising disabled or seriously ill children and young people under 21. Stone provides a comprehensive range of technologies and related support for the families via phone and online portal, highlighting products available and providing easy-to‐digest information, written with the families in mind and free from technical jargon) and via a text and messaging service.; ; “Stone have been integral to us fulfilling our technology grants effectively and with unwavering customer service. The partnership enables us to provide a wide range of digital equipment across multiple platforms, the majority with assistive technology, which help support the needs of those with disabilities. Stone have proven themselves to be flexible and adaptable to change as we have grown, and the needs of the families we support have evolved, displaying strong values and commitment to our partnership and our cause.”

Pricing

• Price: £850 to £1,450 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@stonecomputers.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.