IJYI Ltd

Vulnerability, Penetration & Cyber Security Testing Support Service

Offering both a one-off and a subscription-based service, we provide ongoing vulnerability assessment and penetration testing cyber security services to continually strengthen and secure your IT systems against cyber threats. Our subscription service ensures regular, updated evaluations with the latest security practices to safeguard your cloud infrastructure, applications and data.

Features

• Comprehensive vulnerability assessments to detect and prioritise security weaknesses.
• Penetration testing mimics real-world attacks, assessing system defences.
• Best practice alignments with benchmarks like OWASP, CVE, CIS.
• Thorough, prioritised security reporting for informed decision-making.
• Security posture analysis for cloud, web, and network infrastructures.
• OCR technology to digitise and manage document workflows.
• Expert guidance on remediation strategies for identified vulnerabilities.
• Agile, adaptive security testing to suit operational tempo.
• Rigorous risk assessment for informed security investments.
• Deep-dive into system vulnerabilities to strengthen defences.

Benefits

• Elevates security frameworks using industry-leading methodologies.
• Mitigates risk from evolving cyber threats.
• Bespoke security strategies developed for specific needs.
• Reduces downtime with efficient risk management.
• Equips teams with cybersecurity awareness knowledge and skills.
• Prioritises security spending by focusing on critical issues.
• Builds trust through enhanced cybersecurity measures.
• Supports meeting compliance requirements in a flexible manner.
• Delivers peace of mind with expert-led security strategies.
• Cultivates a robust security culture within the organisation.

£3,000 a unit

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at kevin.linsell@ijyi.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

991200429300295

Contact

Kevin Linsell
01473 558748
kevin.linsell@ijyi.com

Planning

• Planning service: Yes
• How the planning service works: Our service begins with a strategic planning session to understand the unique security requirements of your organisation. We set goals for the security assessments and define the scope of the penetration tests. Collaborating with your IT team, we ensure a thorough understanding of your infrastructure, focusing on critical assets and data flow. Our process includes a timeline that aligns with your operational needs. By employing threat modelling and risk assessment techniques, we craft a plan that not only foresees potential security challenges but also provides steps for mitigation and continuous improvement.
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: Training within our service offering is focused on enhancing user awareness to complement our technical security testing, where relevant. We are able to conduct light-touch phishing exercises aimed at increasing vigilance among staff, helping them to identify potential security threats. This element of our service is designed to educate users on the importance of security in their daily operations and to reinforce the best practices in cybersecurity. Our user awareness sessions are concise yet effective, crafted to empower your team with the knowledge they need without diverting from the primary goal of technical vulnerability assessment.; For Formal Training we work with a partner and can deliver a range of On-Demand, Monthly, 6-Monthly and Annual Training packages to ensure everyone is skilled and aware relevant to their role.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: The setup for our Vulnerability, Penetration, and Security Testing Support Service includes the integration of our testing tools with your environment. While we recommend conducting tests in a secure, non-production setting, we adapt our approach to suit your available resources and systems. Our goal is to ensure the testing process is as unobtrusive as possible to your daily operations. We provide clear documentation and maintain open communication throughout the setup phase to ensure all stakeholders are informed and prepared for the security testing procedures.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Quality Assurance and performance testing form the backbone of our service, ensuring that enhanced security measures do not compromise system performance. Our tests simulate realistic traffic scenarios to evaluate system resilience, assessing the impact of security protocols on performance. We scrutinise the effectiveness of firewalls, intrusion detection systems, and encryption protocols under simulated stress conditions. Our report details recommendations for security enhancements, ensuring your systems remain resilient and effective.; ; Our security testing is exhaustive, applying industry-standard methodologies to challenge your systems. We conduct vulnerability scans with cutting-edge tools and perform penetration tests to evaluate the robustness of your defences. Our testing protocols are aligned with industry benchmarks such as OWASP and CVE, ensuring a thorough risk assessment. Findings are documented, and risks are graded, allowing prioritisation of remediation efforts. Our reporting provides clear improvement directions, empowering your team to reinforce your security posture proactively.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
• Certified security testers: Yes
• Security testing certifications: Other
• Other security testing certifications:
  • CompTIA Certified Penetration Test+
  • CompTIA Certified Network Vulnerability Assessment Professional
  • CompTIA Certified Advanced Security Practitioner
  • CompTIA Certified Secure Infrastructure Expert
  • CompTIA Certified Security Analytics Expert
  • CompTIA Certified Cyber Security Analyst
  • CompTIA Certified Security+ Professional
  • Certificate of Cloud Security Knowledge V4 (CCSK)

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by your organisation
  • Hosting or software provided by a third-party organisation
• How the support service works: At IJYI, we understand the critical nature of maintaining strong cybersecurity defences. That's why our ongoing support isn't just about resolving incidents - it's about proactive vigilance. Our cyber security subscription service ensures that your systems are regularly tested via scheduled vulnerability assessments and penetration tests, where we identify potential security gaps before they can be exploited, and provide actionable recommendations to strengthen your defences.; ; Our team remains actively engaged, offering continuous insights that align with your evolving business strategy and help refine your security posture. This consultative approach ensures that our services add tangible value to your security contingency plans.; ; We offer a range of models from full 24x7 support through to a more ad-hoc "insurance policy" type service. We can design and tailor the service to meet your strategy, often with support decreasing over time as you become increasingly self-sufficient.

Service scope

• Service constraints: Our service is confined to the technical aspects of security testing within the agreed scope of work. Testing is ideally conducted in a test environment as recommended, although it's adaptable to the client's infrastructure. The timeline and breadth of service delivery may be influenced by client-side resource availability and granted access levels. Our service is most effective when there is a transparent exchange of information and swift implementation of our security recommendations. While our expertise is broad, we concentrate on vulnerabilities and penetration testing, thus excluding areas such as mobile platform testing and extensive policy audits.

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: This would be dependent on the client requirements and agreed ‘response’ service level agreement (SLA). We operate a number of different bespoke SLA models across our client base, starting at 30 minutes
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: 1st line support for end users at extra cost. 2nd & 3rd Line support is part of our standard support offering.; This would be dependent on the client requirements and agreed ‘response’ service level agreement (SLA). We operate a number of different bespoke SLA models across our client base.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our team work extensively from home thus reducing the environmental impact of commuting.; All our solutions are cloud based therefore enabling the cloud providers to concentrate on effective power, heating and cooling at a scale that we could not.; We have extended the refresh period of our computing equipment to reduce landfill and waste.

  Covid-19 recovery

  As a result of COVID-I9 we have changed our business working pattern completely. All staff now work remote for the majority of their time, using our re-designed office facilities when their personal or business needs require. ; This has enabled improved social distancing, reduced travel and also improved wellbeing of our staff. Additional benefit is casting a wider geographical net for staff.; We also encourage part time working, including fitting around childcare and education.

  Tackling economic inequality

  Our business is growing and we are creating career opportunities in the East of England. We have employment options across a range of areas:; - School Hours contracts to enable parents/carers to return to work; - Flexible Study Contracts that has enabled mature students to continue to work in our sector whilst studying degree/PHD level; - General part-time work.; Approx. 30% of our staff (including CEO) now work part-time patterns.; ; In 2023 we restarting our Apprenticeship Programme in partnership with our local council and a local training provider. ; ; We continue to nurture early career progression through our work experience programme and as an Industry Partner with Suffolk New College and the University of Suffolk.

  Equal opportunity

  Everyone has a development pathway looking to facilitate career progression. We invest time and money in training, development and opportunities for self improvement. Our IJYI Innovators initiative gives individuals the opportunity to work on personal interest projects either lone or in a small team. This ensures everyone, at all levels, can collaborate and drive personal improvement.

  Wellbeing

  Wellbeing is vital here at IJYI. We have an open approach to discussing everything and anything. We are flexible with our life-work balance and keen to support everyone through any challenges they may face.; Every employee has a private personal health benefit which includes the ability to speak to professionals around their health and wellbeing.; We have recently put all staff through a Mental Health Toolkit training course provided by Suffolk MIND.; Our team is actively involved in volunteering activities with local charities. Time is freely given both from work and personal time.

Pricing

• Price: £3,000 a unit
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at kevin.linsell@ijyi.com. Tell them what format you need. It will help if you say what assistive technology you use.