The Information Security Group provides vulnerability scanning, web application testing, and penetration testing services. Just email email@example.com to book.
We can perform an automated scan of your host(s) under your
jurisdiction and provide you with a report of the vulnerabilities
found. The scan will consist of a portscan of your server using Nessus
(or similar tools) which will enable us to advise you of anything that
is out of date, or any insecure services. This can be done as a one-off
or on a monthly basis.
Web application testing
We have a commercial tool, IBM Appscan, as well as open source tools, to review the operation and access controls of your web application, and provide you with a report detailing findings by risk level. This will typically require a test login to the application.
Upon request, we can
conduct a detailed security assessment of your host(s) or a particular
web application. The testing will be performed following a suitable
scoping exercise. This will start with a vulnerability scan, but will
also verify and attempt to exploit possible vulnerabilities. We will
provide you with a report outlining our confirmed findings by risk level
and our advice on remediation.
External penetration testing
We can also arrange for external penetration testing, with a
CHECK and CREST certified company, which would need to be funded by the
We are planning on providing this service in the future, if you are interested please contact us for more information.