Zoonou Limited

Web Penetration Testing

Penetration Testing or Pen Testing is carried out by CREST accredited test staff at Zoonou who look for exploitable security vulnerabilities within a site or service. This takes the form of a planned attack on an application in an attempt to gain access to confidential data, content and site features.

Features

  • Web penetration testing carried out by CREST accredited test professional
  • OWASP Top 10 used as basis for penetration test
  • CAST and CSTP certified test team
  • Test planning and reconnaissance, execution and reporting approach
  • Recommendations on hardening for future attacks
  • Encrypted penetration testing report
  • High priority blocking issues discussed immediately with client
  • Automated and manual testing techniques used
  • Web application front-end and admin areas focused on
  • Secure project folder maintained for testing outputs

Benefits

  • Independent testing from CREST certified practitioner
  • Reveal flaws and ensure data is protected in the future
  • Recognised as well as proprietary techniques used to reveal vulnerabilities
  • Non-destructive test techniques used wherever possible
  • Test tools configured not to overload infrastructure
  • Automated scans monitored in by our staff
  • Clear and practical approach shared with client
  • Pen test as part of Zoonou’s security assessment
  • Complete audit of all available application pages
  • Satisfy compliance and legal requirements

Pricing

£410 a person

Service documents

Framework

G-Cloud 12

Service ID

1 1 6 4 9 7 7 1 6 1 6 0 5 4 2

Contact

Zoonou Limited Rhodri Alexander
Telephone: +44 (0)1323 433700
Email: digitalgov@zoonou.com

Planning

Planning service
Yes
How the planning service works
Zoonou provides a test advisory service to determine the requirements of any cloud project or programme of work and will advise on strategy, recommended QA processes, test approaches, tools and environments and so on. Zoonou conducts test planning activities for cloud hosting and software services, including test case design, high level test plans, the generation of test scripts in line with business requirements, the creation of test data and user requirements. Together with any approved documentation such as wireframes, designs, and technical / functional specifications Zoonou will develop test planning to support any cloud activities.
Planning service works with specific services
No

Training

Training service provided
Yes
How the training service works
Using onsite, virtual and eLearning methods Zoonou delivers bespoke training which helps customers build the skills they need to confidently deliver cloud and software testing services. Led by Zoonou’s qualified team of professionals, a syllabus is tailored to the customers’ requirements and skill levels, whether those needs are focused on beginner topics or advanced areas of study.
Training is tied to specific services
No

Setup and migration

Setup or migration service available
Yes
How the setup or migration service works
Zoonou can provide test strategy, planning, execution and reporting for the migration of applications and services to the cloud or between cloud services. Testing ensures that systems have been migrated correctly and that they function and perform consistently with the existing system. Testing often focuses on data migration, where checks are carried out to verify that data has been transferred to the new system without error. Migration testing combines different testing techniques as well as the creation of test data.
Setup or migration service is for specific cloud services
No

Quality assurance and performance testing

Quality assurance and performance testing service
Yes
How the quality assurance and performance testing works
Zoonou specialises in testing and quality assurance services and is able to provide a full range of end-to-end test solutions across the lifecycle of a development project or programme. Our test consultancy service determines the strategy and requirements of any application under test, as well as providing QA processes, test execution, tools and reporting. Test design, scripting and documentation focuses the test effort to achieve coverage and that is traceable, measurable and repeatable. We offer consultancy, manual and automated testing as well as compatibility testing. Additionally, we offer Crest accredited Security testing, Accessibility and User testing.

For Performance Testing, our in-house Load testing team uses industry standard tools and techniques, to ensure that the limits and stresses of a product are understood and perform well at launch. We also offer Application Performance Monitoring to provide a long term assessment and reporting of application KPIs in a live environment.

Security testing

Security services
Yes
Security services type
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
Certified security testers
Yes
Security testing certifications
CREST

Ongoing support

Ongoing support service
Yes
Types of service supported
Hosting or software provided by a third-party organisation
How the support service works
Zoonou provides ongoing support through our vulnerability scanning and application performance monitoring services that form part of our security and performance services.

Service scope

Service constraints
Zoonou's test execution services are offered remotely with most consultancy taking place onsite. We can offer options around that model in order to suit the needs of our clients.

User support

Email or online ticketing support
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Support levels
The Zoonou team allocated to a test and QA project is available for contact via multiple means: telephone, email, webchat for support throughout the duration of our service Monday-Friday 9am-5.30pm (UK time).

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Pricing

Price
£410 a person
Discount for educational organisations
No

Service documents