EKCO CLOUD (UK) LIMITED

Ekco Security - Security Testing

Our Security Testing team helps clients in identifying vulnerabilities and security misconfigurations in their cloud based applications, infrastructure, virtual environments, and networks. This enables the identified issues to be triaged, treated and protected before they are potentially targeted by malicious threat actors.

Features

• Adversary Emulation using Tactics, Techniques and Procedures (TTPs)
• API Security Assessment
• Ethical Hacking as a Service
• Infrastructure Penetration Testing
• Mobile Applications Penetration Testing
• Purple Team Assessment and Red Teaming/TIBER-EU
• Social Engineering & Phishing Assessment
• Static Application Security Testing (SAST)
• Vulnerability Management as a Service
• Web Application Penetration Testing

Benefits

• Penetration Testing by certified professionals (CREST, OSCP, eWPT etc.)
• Focused on areas in ISO27001, OWASP Top 10, PCI-DSS
• Follows security standards including OWASP, MASTG and NIST
• Pinpoint and report holistic security weaknesses and associated organisational risks
• Enhances organisation's ongoing efforts in maintaining compliance and assuring security
• Employs Tactics, Techniques and Procedures used by cyber criminals
• Replicates Threat Actor scenarios using MITRE ATT&CK framework
• Targeted phishing campaigns and physical security assessments
• Application source code assessed using white box approach
• Identify critical vulnerabilities and reduce cybersecurity risk

£550 to £1,150 a unit a day

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ekco.gcloud@ek.co. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

952082215113103

Contact

Ekco G-Cloud
08452578020
ekco.gcloud@ek.co

Planning

• Planning service: Yes
• How the planning service works: Our Professional Services offering provides buyers with advice and guidance on how to undertake initial scoping and requirements gathering to assist in the development of fully detailed plans and work breakdown structures
• Planning service works with specific services: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Our Professional Services offerings can provide an holistic review of current / future hosting infrastructure (whether on-premise / public cloud / SaaS etc.) with a keen focus on security controls in place and any deficiencies.; ; These assessments can then be used to determine the benefits and the risk mitigation of transitioning to the cloud or to an alternative provider.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • CREST
  • Other
• Other security testing certifications:
  • ELearnSecurity Web Application Penetration Tester
  • OffSec Certified Professional

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: There are no specific service constraints.; ; Any dependencies or assumptions required on an engagement by engagement basis are clearly set out in our detailed Statement of Works.

User support

• Email or online ticketing support: No
• Phone support: No
• Web chat support: No
• Support levels: All of our Professional Services engagements have a defined contact aligned to the buyer. This resource is engagement dependent and liaises with each buyer at all stages of the engagement to ensure we are meeting their requirements or any regulatory or other demands.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Certification Europe
• ISO/IEC 27001 accreditation date: 29/02/2024
• What the ISO/IEC 27001 doesn’t cover: Nothing is excluded from the Statement of Applicability (SOA)
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  At Ekco, we recognize the urgent need to address climate change and prioritise effective stewardship of the environment in all aspects of our operations. Our commitment extends beyond mere compliance to embodying proactive measures that deliver additional environmental benefits and drive progress towards a sustainable future.; ; Delivering Additional Environmental Benefits:; Ekco is dedicated to incorporating environmental considerations such as reducing greenhouse gas emissions and minimising environmental impact. Through the adoption of sustainable practices, resource efficiency measures, and the utilisation of renewable energy sources, we strive to contribute to the transition towards a low-carbon economy and promote environmental sustainability. Ekco is working towards ISO 14001 certification in order to monitor & measure our environmental controls and as a method of demonstrating our commitment to minimising environmental impacts. ; ; Influencing Stakeholders:; Ekco leverages its influence to promote environmental protection and improvement throughout the supply chain and among stakeholders. By engaging with our staff, suppliers, customers, and communities, we advocate for responsible environmental practices, raise awareness about the importance of conservation, and encourage the adoption of sustainable behaviours. Our Integrated Management System (IMS) contains a Third-party Governance Framework, which in addition to risk assessing supplier cybersecurity controls, is also used to evaluate supplier both environmental and ethical practices.

  Covid-19 recovery

  Promoting Health and Wellbeing: During the COVID-19 pandemic we ensured that we provided access to mental health resources on our EAP platform Spectrum, such as counselling services or employee assistance programs. ; ; Improving Workplace Conditions: Our workplaces evolved in response to the pandemic, Ekco is dedicated to fostering environments that prioritise employee health and safety. This involves supporting remote working arrangements with the use of new technologies and collaboration tools. We also actively promote sustainable travel solutions to minimise potential exposure risks and enhance employee well-being.

  Tackling economic inequality

  Creating Opportunities for Entrepreneurship: Our Ekco academy project is ongoing - where we aim to create Ekco as a learning organisation that supports personal and career development. ‘Ekco Think Time' was introduced so all staff can avail of one hour per week to work on their own personal learning and development through our learning management system . We have also launched an internal project entitled Ekco Graduation, where the learning achievements of staff are celebrated with mini-graduation celebrations . We are also running an Inspiring Leadership programme where our people managers across the group are learning valuable inclusive, team building, and communicative skills designed to support our goal of having more inspiring leaders working across Ekco. ; ; Promoting Employment Opportunities: Ekco widely promotes inhouse opportunities for promotion by advertising roles internally and looking at skills of employees to see where employment opportunities arise. ; ; Ekco understands the critical importance of enhancing supply chain resilience and capacity to ensure the effective delivery of contracts and contribute to overall economic stability. Our approach encompasses a range of activities aimed at fostering innovation, collaboration, and responsibility throughout the supply chain.; ; Supporting Innovation and Disruptive Technologies:; Ekco actively promotes innovation and the adoption of disruptive technologies throughout the supply chain. Through strategic partnerships, investment in research and development, and knowledge-sharing initiatives, we seek to deliver lower-cost and higher-quality goods and services while driving continuous improvement and resilience in our operations.; ; Developing Scalable and Future-Proofed Methods:; Ekco is dedicated to supporting the development of scalable and future-proofed methods to modernize delivery and increase productivity. By investing in technology, process optimisation, and workforce development, we aim to enhance efficiency, reduce risk, and ensure the long-term sustainability of our supply chain operations.

  Equal opportunity

  Ekco and its subsidiaries are committed to ensuring equal employment opportunity for all employees, including qualified employment applicants. The company strives to maintain an environment free of discrimination, harassment, intimidation or bullying based on race, colour, religion, gender, national origin, ancestry, age, disability, veteran status, marital status, sexual orientation, citizenship, civil status, family status, or race (colour, nationality or ethnic or national origin, membership of the Traveller Community or any other protected category or characteristics). ; ; This equal employment opportunity policy applies to all employment practices, including but not limited to recruiting, hiring, advertising, promotion, transfer, reductions in force, social and recreational programs, training, employee development, compensation and fringe benefits, discipline and termination. ; ; Diversity & Inclusion is a key area of importance which helps us build and maintain our unique culture. We want to do all we can to ensure our culture is one which promotes awareness and understanding of diversity & inclusion. ; ; We have zero-tolerance for any type of discrimination and/or harassment at Ekco. We have made significant strides through the following activities: ; • D&I Awareness Sessions - Internal Training Sessions provided to the group to raise awareness and understanding. We are lucky to have internal mental health and diversity trained speakers within our People Team who are truly passionate about making a difference in this area. ; • International Women's Day panel discussion. A hugely successful panel session about the experiences and challenges of women working in the tech industry, the success of which resulted in our family friendly leave entitlements being increased.; • Certified Proud - we are members of Certified Proud, an accreditation membership body that strives towards LGBTQ+ equality throughout businesses in Ireland. ; • The Ekco Experience – our internal podcast improves our communication and promotes diverse and inclusive conversations across the group, champions our D&I culture.

  Wellbeing

  Ekco supports the health and wellbeing of staff daily by offering support through Management and the People Team to ensure staff have a positive daily experience. ; ; Mental Health Awareness Week is one of our flagship employee engagement events. Each year we have guest speakers and coaches support wellbeing and advise our staff on healthy mental as well as general health wellbeing. ; ; We are lucky to have internal mental health and diversity trained speakers within our People Team who are truly passionate about making a difference in this area. ; ; All staff are given:; C O R E; • Automatic enrolment pension contributions after 3 months service. Company contributions are matched to employee contributions at 5:5%; • 25 days per calendar year plus normal bank and public holidays; • A day off each year for your birthday, taken in the calendar month of your birthday; C H O I C E S; • Company funded single cover Private Medical Insurance (subject to post probation eligibility); • Discounted single cover with Bupa Dental Insurance via salary sacrifice; • Support your favourite charities through tax efficient donations via payroll; • Reimbursement to cover some of the costs of eye tests, glasses and contact lenses; W E L L N E S S; • Employee Assistance Programme (EAP) offering a dedicated confidential service for mental ; • health, emotional wellbeing or general advice; • Enhanced Family leave in addition to statutory eligibility;; • Maternity / Paternity; • 5 days additional leave to use in emergencies to care for dependent / pet; • Ekco Eats – a monthly lunch in the London office from a local eatery of employees' choice!; • Ekco Events – a wide range of events from EkcOlympics to summer parties; • Women's Wellness – wellness packs and toolkits to help throughout life stages

Pricing

• Price: £550 to £1,150 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ekco.gcloud@ek.co. Tell them what format you need. It will help if you say what assistive technology you use.