Our Dynamic Pen Testing service gives businesses a new way of continually managing cyber risks, through a proprietary framework and a dedicated portal. It relieves CISOs and risk owners of the annual stress of testing by offering ongoing risk management which deals with the cause and not just the symptoms of issues found.
Our DPT service is carried out by its UK-based IT security experts and is designed to give context to the results of a penetration test, rather than just producing an unwieldy annual report. Before and after the testing takes place, the team works with the business and IT teams to apply weighted risk ratings to assets to be tested. These weightings reflect the drivers of the business, allowing them to specify what is important. For example; data loss may be more important to an organisation than a denial of service attack, or the IP addresses in HQ may be more critical than those in a branch office.
The results are then presented back via the DPT portal, which allows the client to manipulate the data to find patterns and commonalities. Common themes are easily identified and priorities can be extrapolated, so that the client’s IT department can assign tasks to specific teams or individuals. This has reduced the resources spent on ineffective, repetitive fixes and ensured the business-critical issues are fixed first.
Creates joint priorities between business and IT
Carries out a full, manual penetration test to establish a base line
Presents penetration test results via an online client portal, so that risk can be viewed across the organisation
Creates risk scores, giving issues a business context
Tracks and allocates issue remediation, including drilling down into technical detail
Includes ability to upgrade or downgrade risk as the security landscape changes
Provides continual scanning, manual retesting and updates on appliances, systems, and or network changes
Facilitates the clear tracking and reporting of risk reduction, thus providing demonstrable value to auditors and executives